I just resolved this issue.  Bind account password expired.

 

 

From: openldap-technical [mailto:openldap-technical-bounces@openldap.org] On Behalf Of Lang, Adam
Sent: Tuesday, November 27, 2018 1:00 PM
To: openldap-technical@openldap.org
Subject: openldap stopped authenticating

 

Hello,

 

I woke up to an issue today where SSH access to our servers no longer works due to issues with LDAP authentication.  Oddly, ldapsearch with admin credentials interacts with the LDAP server fine. If I check for ldapusers using getent passwd, none are returned. 

 

The slapd auditlog records the failed attempts. 

 

When trying to su as an ldap user, it returns “no passwd entry”.

 

Nothing “should” have changed over night, so any ideas of where to look will be appreciated.

 

Adam


The information contained in or attached to this e-mail is intended only for the use of the addressee. If you are not the intended recipient of this e-mail, or a person responsible for delivering it to the intended recipient, you are strictly prohibited from disclosing, copying, distributing, or retaining this e-mail or any part of it. It may contain information which is confidential and/or covered by legal, professional or other privilege under applicable law. If you have received this e-mail in error, please notify the author by replying to this e-mail immediately and delete this e-mail from your system. The views expressed in this email may not necessary be the views held by the organization. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.


The information contained in or attached to this e-mail is intended only for the use of the addressee. If you are not the intended recipient of this e-mail, or a person responsible for delivering it to the intended recipient, you are strictly prohibited from disclosing, copying, distributing, or retaining this e-mail or any part of it. It may contain information which is confidential and/or covered by legal, professional or other privilege under applicable law. If you have received this e-mail in error, please notify the author by replying to this e-mail immediately and delete this e-mail from your system. The views expressed in this email may not necessary be the views held by the organization. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.