[prev in list] [next in list] [prev in thread] [next in thread]
List: ngw
Subject: Re: [ngw] Perplexing Datasync Issue / LDAP
From: "Marvin Huffaker" <mhuffaker () redjuju ! com>
Date: 2017-05-25 17:35:10
Message-ID: 592715D3020000190006FBA1 () smtp ! redjuju ! com
[Download RAW message or body]
When first troubleshooting, I used dsapp to forcibly remove what I believe were all \
traces of the user in question. it didn't change the behavior of what is happening.
Marvin
Sent from my iPhone
> On May 25, 2017, at 9:56 AM, James Taylor <James.Taylor@eastcobbgroup.com> wrote:
>
> Have you tried running dsapp to look for the user ID?
> May have some corruption. dsapp will find and remove these kind of "phantom" users.
>
> https://www.novell.com/communities/coolsolutions/cool_tools/dsapp/
>
> Just in case..
> By the way, it will check for latest version and auto update when ou run it.
> -jt
>
>
>
> James Taylor
> 678-697-9420
> james.taylor@eastcobbgroup.com
>
>
>
> > > > "Marvin Huffaker" <mhuffaker@redjuju.com> 5/25/2017 12:42 PM >>>
> I have an issue that has me completely stumped. Latest Datasync build and it is \
> configured to provision and authenticate via ldap.
> It started off when a user changed their eDirectory password, they started getting \
> locked out of their edir account with an "Intruder Lockout". The source of the \
> lockkout was the Datasync server. He had changed the associated account/password \
> on his iphone so a password discrepancy between edir and the device is not the \
> issue. Other users seem to be able to change their passwords without issue. They \
> have a global policy that forces password changes every 45 days.
> Currently we have the user completely removed from Datasync. He is not even \
> provisioned. I have used dsapp to manually scrub him from the database. There is \
> no trace of him in datasync.
> His account continues to be locked out and the datasync server ip address is the \
> source. Furthermore, we have noticed that through the customers auditing software \
> reports, numerous LDAP authentication requests are coming in from the datasync \
> server for users that are not and have never been provisioned for datasync.
> What could possibly be doing this? It's just a vanilla SLES 11 SP4 server built \
> specifically for datasync. No eDirectory. No OES, no other services or anything I \
> can find that would be making LDAP calls.. The only service making LDAP calls would \
> be datasync.
>
> Marvin Huffaker
> mhuffaker@redjuju.com
> Office: 480-988-7215 (Best Number)
> Cell: 480-797-2989
>
>
>
>
> _______________________________________________
> ngw mailing list
> ngw@ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
_______________________________________________
ngw mailing list
ngw@ngwlist.com
http://ngwlist.com/mailman/listinfo/ngw
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic