API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 21st, 2019
74
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.34 KB | None | 0 0
raw download clone embed print report
  1. nss-pam-ldapd v.0.9.9
  2.  
  3. /etc/nslcd.conf:
  4.  
  5. uid nslcd
  6. gid nslcd
  7. uri ldap://temis/
  8. base dc=domain
  9. ldap_version 3
  10. binddn cn=leoldap,dc=domain
  11. bindpw ****
  12. ssl start_tls
  13. tls_reqcert allow
  14. tls_cacertfile /etc/ssl/certs/ca-certificates.crt
  15.  
  16. 2 x multimaster slapd servers
  17. 1 x HAproxy load balancer. Tcp Ldap traffic forwarded to the multimasters.
  18. Many Ubuntu 16, 18 and Debian 8,9 clients. (At the moment only testing 2 clients with Ubuntu 16/18)
  19.  
  20. dn: olcOverlay={4}ppolicy,olcDatabase={1}mdb,cn=config
  21. objectClass: olcOverlayConfig
  22. objectClass: olcPPolicyConfig
  23. olcOverlay: {4}ppolicy
  24. olcPPolicyDefault: cn=PWUsuarios,ou=Politicas,ou=Seguridad,ou=Grupos,dc=domain
  25. olcPPolicyHashCleartext: TRUE
  26. olcPPolicyUseLockout: FALSE
  27. olcPPolicyForwardUpdates: FALSE
  28.  
  29. dn: cn=PWUsuarios,ou=Politicas,ou=Seguridad,ou=Grupos,dc=domain
  30. cn: PWUsuarios
  31. objectClass: pwdPolicy
  32. objectClass: device
  33. objectClass: top
  34. objectClass: pwdPolicyChecker
  35. pwdAllowUserChange: TRUE
  36. pwdAttribute: userPassword
  37. pwdCheckModule: pqchecker.so
  38. pwdCheckQuality: 2
  39. pwdFailureCountInterval: 0
  40. pwdInHistory: 3
  41. pwdLockoutDuration: 3600
  42. pwdMaxFailure: 3
  43. pwdMinLength: 10
  44. pwdMustChange: TRUE
  45. pwdMaxAge: 120
  46. pwdExpireWarning: 120
  47. pwdGraceAuthNLimit: 1
  48. pwdLockout: TRUE
  49.  
  50. dn: cn=PWApps,ou=Politicas,ou=Seguridad,ou=Grupos,dc=domain
  51. cn: PWApps
  52. objectClass: pwdPolicy
  53. objectClass: device
  54. objectClass: top
  55. objectClass: pwdPolicyChecker
  56. pwdAllowUserChange: FALSE
  57. pwdAttribute: userPassword
  58. pwdCheckModule: pqchecker.so
  59. pwdCheckQuality: 2
  60. pwdFailureCountInterval: 0
  61. pwdGraceAuthNLimit: 0
  62. pwdLockoutDuration: 0
  63. pwdMaxFailure: 3
  64. pwdMinLength: 8
  65.  
  66. nslcd: DEBUG: NSS_LDAP nss-pam-ldapd 0.9.9
  67. nslcd: DEBUG: ldap_set_option(LDAP_OPT_X_TLS_REQUIRE_CERT,allow)
  68. nslcd: DEBUG: ldap_set_option(LDAP_OPT_X_TLS_CACERTFILE,"/etc/ssl/certs/ca-certificates.crt")
  69. nslcd: DEBUG: CFG: threads 5
  70. nslcd: DEBUG: CFG: uid nslcd
  71. nslcd: DEBUG: CFG: gid 131
  72. nslcd: DEBUG: CFG: uri ldap://temis/
  73. nslcd: DEBUG: CFG: ldap_version 3
  74. nslcd: DEBUG: CFG: binddn cn=leoldap,dc=domain
  75. nslcd: DEBUG: CFG: bindpw ***
  76. nslcd: DEBUG: CFG: base dc=domain
  77. nslcd: DEBUG: CFG: scope sub
  78. nslcd: DEBUG: CFG: deref never
  79. nslcd: DEBUG: CFG: referrals yes
  80. nslcd: DEBUG: CFG: filter aliases (objectClass=nisMailAlias)
  81. nslcd: DEBUG: CFG: filter ethers (objectClass=ieee802Device)
  82. nslcd: DEBUG: CFG: filter group (objectClass=posixGroup)
  83. nslcd: DEBUG: CFG: filter hosts (objectClass=ipHost)
  84. nslcd: DEBUG: CFG: filter netgroup (objectClass=nisNetgroup)
  85. nslcd: DEBUG: CFG: filter networks (objectClass=ipNetwork)
  86. nslcd: DEBUG: CFG: filter passwd (objectClass=posixAccount)
  87. nslcd: DEBUG: CFG: filter protocols (objectClass=ipProtocol)
  88. nslcd: DEBUG: CFG: filter rpc (objectClass=oncRpc)
  89. nslcd: DEBUG: CFG: filter services (objectClass=ipService)
  90. nslcd: DEBUG: CFG: filter shadow (objectClass=shadowAccount)
  91. nslcd: DEBUG: CFG: map group userPassword ""
  92. nslcd: DEBUG: CFG: map passwd userPassword ""
  93. nslcd: DEBUG: CFG: map passwd gecos "${gecos:-$cn}"
  94. nslcd: DEBUG: CFG: map shadow userPassword ""
  95. nslcd: DEBUG: CFG: map shadow shadowLastChange "${shadowLastChange:--1}"
  96. nslcd: DEBUG: CFG: map shadow shadowMin "${shadowMin:--1}"
  97. nslcd: DEBUG: CFG: map shadow shadowMax "${shadowMax:--1}"
  98. nslcd: DEBUG: CFG: map shadow shadowWarning "${shadowWarning:--1}"
  99. nslcd: DEBUG: CFG: map shadow shadowInactive "${shadowInactive:--1}"
  100. nslcd: DEBUG: CFG: map shadow shadowExpire "${shadowExpire:--1}"
  101. nslcd: DEBUG: CFG: map shadow shadowFlag "${shadowFlag:-0}"
  102. nslcd: DEBUG: CFG: pam_authc_ppolicy yes
  103. nslcd: DEBUG: CFG: bind_timelimit 10
  104. nslcd: DEBUG: CFG: timelimit 0
  105. nslcd: DEBUG: CFG: idle_timelimit 0
  106. nslcd: DEBUG: CFG: reconnect_sleeptime 1
  107. nslcd: DEBUG: CFG: reconnect_retrytime 10
  108. nslcd: DEBUG: CFG: ssl start_tls
  109. nslcd: DEBUG: CFG: tls_reqcert allow
  110. nslcd: DEBUG: CFG: tls_cacertfile /etc/ssl/certs/ca-certificates.crt
  111. nslcd: DEBUG: CFG: pagesize 0
  112. nslcd: DEBUG: CFG: nss_initgroups_ignoreusers kernoops,bin,whoopsie,systemd-network,nslcd,cups-pk-helper,hplip,pulse,rou,daemon,colord,avahi,messagebus,xrdp,backup,gnome-initial-setup,mysql,irc,man,openldap,new...
  113. nslcd: DEBUG: CFG: nss_min_uid 0
  114. nslcd: DEBUG: CFG: nss_uid_offset 0
  115. nslcd: DEBUG: CFG: nss_gid_offset 0
  116. nslcd: DEBUG: CFG: nss_nested_groups no
  117. nslcd: DEBUG: CFG: nss_getgrent_skipmembers no
  118. nslcd: DEBUG: CFG: nss_disable_enumeration no
  119. nslcd: DEBUG: CFG: validnames /^[a-z0-9.@$()]([a-z0-9.@$() ~-][a-z0-9._@$()~-])?$/i
  120. nslcd: DEBUG: CFG: ignorecase no
  121. nslcd: DEBUG: CFG: pam_authc_search BASE
  122. nslcd: DEBUG: CFG: cache dn2uid 15m 15m
  123. nslcd: version 0.9.9 starting
  124. nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory
  125. nslcd: DEBUG: initgroups("nslcd",131) done
  126. nslcd: DEBUG: setgid(131) done
  127. nslcd: DEBUG: setuid(127) done
  128. nslcd: accepting connections
  129. nslcd: [8b4567] DEBUG: connection from pid=101098 uid=0 gid=0
  130. nslcd: [8b4567] <passwd="rarigita"> DEBUG: myldap_search(base="dc=domain", filter="(&(objectClass=posixAccount)(uid=rarigita))")
  131. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_initialize(ldap://temis/)
  132. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_rebind_proc()
  133. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  134. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  135. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  136. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  137. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  138. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  139. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  140. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_start_tls_s()
  141. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_simple_bind_s("cn=leoldap,dc=domain","***") (uri="ldap://temis/")
  142. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_result(): cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain
  143. nslcd: [8b4567] <passwd="rarigita"> (re)loading /etc/nsswitch.conf
  144. nslcd: [8b4567] <passwd="rarigita"> DEBUG: ldap_result(): end of results (1 total)
  145. nslcd: [7b23c6] DEBUG: connection from pid=101098 uid=0 gid=0
  146. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: myldap_search(base="dc=domain", filter="(&(objectClass=posixAccount)(uid=rarigita))")
  147. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_initialize(ldap://temis/)
  148. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_rebind_proc()
  149. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  150. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  151. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  152. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  153. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  154. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  155. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  156. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_start_tls_s()
  157. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_simple_bind_s("cn=leoldap,dc=domain","***") (uri="ldap://temis/")
  158. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_result(): cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain
  159. nslcd: [7b23c6] <passwd="rarigita"> DEBUG: ldap_result(): end of results (1 total)
  160. nslcd: [3c9869] DEBUG: connection from pid=101098 uid=0 gid=0
  161. nslcd: [3c9869] <shadow="rarigita"> DEBUG: myldap_search(base="dc=domain", filter="(&(objectClass=shadowAccount)(uid=rarigita))")
  162. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_initialize(ldap://temis/)
  163. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_rebind_proc()
  164. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  165. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  166. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  167. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  168. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  169. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  170. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  171. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_start_tls_s()
  172. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_simple_bind_s("cn=leoldap,dc=domain","***") (uri="ldap://temis/")
  173. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_result(): cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain
  174. nslcd: [3c9869] <shadow="rarigita"> DEBUG: ldap_result(): end of results (1 total)
  175. nslcd: [334873] DEBUG: connection from pid=101098 uid=0 gid=0
  176. nslcd: [334873] <passwd="rarigita"> DEBUG: myldap_search(base="dc=domain", filter="(&(objectClass=posixAccount)(uid=rarigita))")
  177. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_initialize(ldap://temis/)
  178. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_rebind_proc()
  179. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  180. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  181. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  182. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  183. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  184. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  185. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  186. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_start_tls_s()
  187. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_simple_bind_s("cn=leoldap,dc=domain","***") (uri="ldap://temis/")
  188. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_result(): cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain
  189. nslcd: [334873] <passwd="rarigita"> DEBUG: ldap_result(): end of results (1 total)
  190. nslcd: [b0dc51] DEBUG: connection from pid=101098 uid=0 gid=0
  191. nslcd: [b0dc51] <authc="rarigita"> DEBUG: nslcd_pam_authc("rarigita","sshd","***")
  192. nslcd: [b0dc51] <authc="rarigita"> DEBUG: myldap_search(base="dc=domain", filter="(&(objectClass=posixAccount)(uid=rarigita))")
  193. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_initialize(ldap://temis/)
  194. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_rebind_proc()
  195. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  196. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  197. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  198. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  199. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  200. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  201. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  202. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_start_tls_s()
  203. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_simple_bind_s("cn=leoldap,dc=domain","**") (uri="ldap://temis/")
  204. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_result(): cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain
  205. nslcd: [b0dc51] <authc="rarigita"> DEBUG: myldap_search(base="cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain", filter="(objectClass=)")
  206. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_initialize(ldap://temis/)
  207. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_rebind_proc()
  208. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3)
  209. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0)
  210. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0)
  211. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0)
  212. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0)
  213. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON)
  214. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON)
  215. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_start_tls_s()
  216. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_sasl_bind("cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain","***") (uri="ldap://temis/") (ppolicy=yes)
  217. nslcd: [b0dc51] <authc="rarigita"> DEBUG: got LDAP_CONTROL_PASSWORDPOLICYRESPONSE (Password expired)
  218. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_parse_result() result: Invalid credentials
  219. nslcd: [b0dc51] <authc="rarigita"> DEBUG: failed to bind to LDAP server ldap://temis/: Invalid credentials
  220. nslcd: [b0dc51] <authc="rarigita"> DEBUG: ldap_unbind()
  221. nslcd: [b0dc51] <authc="rarigita"> cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain: Invalid credentials
  222. nslcd: [b0dc51] <authc="rarigita"> cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain: Password expired
  223. nslcd: [495cff] DEBUG: connection from pid=101160 uid=0 gid=0
  224. nslcd: [495cff] <group/member="root"> DEBUG: ignored group member
  225.  
  226. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 fd=21 ACCEPT from IP=10.6.22.124:44996 (IP=10.6.22.121:389)
  227. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=0 EXT oid=1.3.6.1.4.1.1466.20037
  228. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=0 STARTTLS
  229. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=0 RESULT oid= err=0 text=
  230. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 fd=21 TLS established tls_ssf=256 ssf=256
  231. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=1 BIND dn="cn=leoldap,dc=domain" method=128
  232. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=1 BIND dn="cn=leoldap,dc=domain" mech=SIMPLE ssf=0
  233. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=1 RESULT tag=97 err=0 text=
  234. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=2 SRCH base="dc=domain" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=rarigita))"
  235. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=2 SRCH attr=uidNumber cn gecos uid objectClass homeDirectory gidNumber loginShell
  236. Mar 18 13:27:36 CarlosIs99 slapd[1757]: conn=6320 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
  237. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 fd=22 ACCEPT from IP=10.6.22.124:45032 (IP=10.6.22.121:389)
  238. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=0 EXT oid=1.3.6.1.4.1.1466.20037
  239. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=0 STARTTLS
  240. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=0 RESULT oid= err=0 text=
  241. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 fd=22 TLS established tls_ssf=256 ssf=256
  242. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=1 BIND dn="cn=leoldap,dc=domain" method=128
  243. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=1 BIND dn="cn=leoldap,dc=domain" mech=SIMPLE ssf=0
  244. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=1 RESULT tag=97 err=0 text=
  245. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=2 SRCH base="dc=domain" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=rarigita))"
  246. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=2 SRCH attr=uidNumber cn gecos uid objectClass homeDirectory gidNumber loginShell
  247. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6321 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
  248. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6322 fd=23 ACCEPT from IP=10.6.22.124:45036 (IP=10.6.22.121:389)
  249. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6322 op=0 EXT oid=1.3.6.1.4.1.1466.20037
  250. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6322 op=0 STARTTLS
  251. Mar 18 13:27:41 CarlosIs99 slapd[1757]: conn=6322 op=0 RESULT oid= err=0 text=
  252. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 fd=23 TLS established tls_ssf=256 ssf=256
  253. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 op=1 BIND dn="cn=leoldap,dc=domain" method=128
  254. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 op=1 BIND dn="cn=leoldap,dc=domain" mech=SIMPLE ssf=0
  255. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 op=1 RESULT tag=97 err=0 text=
  256. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 op=2 SRCH base="dc=domain" scope=2 deref=0 filter="(&(objectClass=shadowAccount)(uid=rarigita))"
  257. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 op=2 SRCH attr=shadowFlag shadowMax shadowMin shadowLastChange uid shadowExpire shadowInactive shadowWarning
  258. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6322 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
  259. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 fd=24 ACCEPT from IP=10.6.22.124:45038 (IP=10.6.22.121:389)
  260. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 op=0 EXT oid=1.3.6.1.4.1.1466.20037
  261. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 op=0 STARTTLS
  262. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 op=0 RESULT oid= err=0 text=
  263. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 fd=24 TLS established tls_ssf=256 ssf=256
  264. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 op=1 BIND dn="cn=leoldap,dc=domain" method=128
  265. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 op=1 BIND dn="cn=leoldap,dc=domain" mech=SIMPLE ssf=0
  266. Mar 18 13:27:42 CarlosIs99 slapd[1757]: conn=6323 op=1 RESULT tag=97 err=0 text=
  267. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6323 op=2 SRCH base="dc=domain" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=rarigita))"
  268. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6323 op=2 SRCH attr=uidNumber cn gecos uid objectClass homeDirectory gidNumber loginShell
  269. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6323 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
  270. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6320 op=3 SRCH base="dc=domain" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=rarigita))"
  271. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6320 op=3 SRCH attr=uid uidNumber
  272. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6320 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
  273. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 fd=25 ACCEPT from IP=10.6.22.124:45050 (IP=10.6.22.121:389)
  274. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=0 EXT oid=1.3.6.1.4.1.1466.20037
  275. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=0 STARTTLS
  276. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=0 RESULT oid= err=0 text=
  277. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 fd=25 TLS established tls_ssf=256 ssf=256
  278. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=1 BIND dn="cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain" method=128
  279. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=1 BIND dn="cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain" mech=SIMPLE ssf=0
  280. Mar 18 13:27:43 CarlosIs99 slapd[1757]: ppolicy_bind: Entry cn=Rodrigo Arigita,ou=Usuarios,ou=Bandam,ou=Externos,dc=domain has an expired password: 0 grace logins
  281. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=1 RESULT tag=97 err=49 text=
  282. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 op=2 UNBIND
  283. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6324 fd=25 closed
  284. Mar 18 13:27:43 CarlosIs99 slapd[1757]: conn=6320 op=4 ABANDON msg=4
  285.  
  286. auth [success=2 default=ignore] pam_unix.so nullok_secure
  287. auth [success=1 default=ignore] pam_ldap.so minimum_uid=1000 use_first_pass
  288. auth requisite pam_deny.so
  289. auth required pam_permit.so
  290. auth optional pam_cap.so
  291.  
  292. account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
  293. account requisite pam_deny.so
  294. account required pam_permit.so
  295. account [success=ok new_authtok_reqd=done ignore=ignore user_unknown=ignore authinfo_unavail=ignore default=bad] pam_ldap.so minimum_uid=1000
  296.  
  297. password [success=2 default=ignore] pam_unix.so obscure sha512
  298. password [success=1 default=ignore] pam_ldap.so minimum_uid=1000 try_first_pass
  299. password requisite pam_deny.so
  300. password required pam_permit.so
  301. password optional pam_gnome_keyring.so
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!