LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 12-10-2012, 12:16 AM   #1
decenter
Member
 
Registered: Sep 2011
Distribution: Ubuntu 12.04.4 LTS
Posts: 136

Rep: Reputation: 17
LDAP and pGina (pure Windows XP client issue)


I have installed pGina on windows XP machine. I logged in as LDAP user and then changed the password. But next time when I login, I used the new password, but it doesn't work. I can still authenticate using old password.

But in linux machine, If I change password, it accepts the changes immediately and accepts new password.

So, here I doubt on onething. The pGina doesn't sync to LDAP server each time. That is why, even I have changed the LDAP password of an user, it still logs in using old password.

Any light on this?
 
Old 12-10-2012, 03:56 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,373

Rep: Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962
I woudl suggest running wireshark on the server side (or capture with tcpdump and then export the capture to wireshark somewhere else) and look at the ldap interactions when you change the password, see if there acutally is any, and if so, what the operations performed actually are. It doesn't make sense that there should be a cache within pGina, it's meant to be a pure client.
 
Old 12-10-2012, 06:04 AM   #3
decenter
Member
 
Registered: Sep 2011
Distribution: Ubuntu 12.04.4 LTS
Posts: 136

Original Poster
Rep: Reputation: 17
Yes. I found it to be a pure client issue. The pGina software which is installed in the windows XP machine doesn't even connect to LDAP server when the LDAP username is already present in the machine. Actually, when a LDAP user logs in for first time, it first checks the local account. If the username is not found, then it contacts the LDAP server. So, once it authenticates LDAP user, it creates an account in the local machine. So when the same user logs in next time, it doesn't contact the LDAP server, but it checks the local authentication and authenticates. So, if the LDAP user password is changed in the LDAP server , it doesn't make sense. We are still able to login to the client using old password. I believe this is a bug in pGina and it should be addressed as it is a serious matter.

Did any one encounter this issue? Or any one using this software for authenticating LDAP users on windows machine?

I would like to know other methods of LDAP client authentication in Windows.

Thanks.

Last edited by decenter; 12-10-2012 at 06:31 AM.
 
Old 12-10-2012, 11:36 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,373

Rep: Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962
Looking over the pGina docs, i'm not sure it's so much a bug, but a glaringly stupid feature. The docs are amazingly thin on the ground for such a potentially useful tool.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
windows client authentication through redhat ldap server anaresh55 Linux - Server 4 05-10-2012 02:07 AM
Can we join a Windows client to LDAP sever vivekanandan Linux - Newbie 2 07-08-2010 04:11 PM
Issue logging into LDAP Client? your_shadow03 Linux - Newbie 1 01-26-2010 12:13 PM
Issue during the LDAP Client Authentication?? ajeetraina Linux - Server 0 11-07-2007 10:54 PM
RHEL5 ldap/pam client issue lokke Linux - Security 2 07-27-2007 08:52 AM


All times are GMT -5. The time now is 12:39 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration