Tickets :: [#2502] wrong error when using smbldap driver and bind as user

6.0.0-beta1

7/28/25

Summary	wrong error when using smbldap driver and bind as user
Queue	Passwd
Queue Version	HEAD
Type	Bug
State	Resolved
Priority	1. Low
Owners	Horde Developers (at) , jan (at) horde (dot) org
Requester	glen (at) delfi (dot) ee
Created	08/23/2005 (7279 days ago)
Due
Updated	09/13/2005 (7258 days ago)
Assigned	09/11/2005 (7260 days ago)
Resolved	09/13/2005 (7258 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch	No

09/13/2005 10:07:24 PM	Jan Schneider	Comment #6 State ⇒ Resolved	Reply to this comment
This was the patch and rationale behind that change: http://lists.horde.org/archives/sork/Week-of-Mon-20040503/001579.html I reverted it to the former behaviour because that made more sense to me.

09/11/2005 09:49:10 PM	Jan Schneider	Assigned to Jan Schneider Assigned to Horde Developers State ⇒ Assigned

09/09/2005 02:32:35 PM	glen (at) delfi (dot) ee	Comment #5	Reply to this comment
maybe not just remove the anonymous bind, but rather remove the fallbacking method, ie if there's no configuration on $userdn try only anon-bind, and if $userdn set, try only anonymous bind. if (!is_null($userdn)) { // do non-anonymous bind } else { // do anonymous bind } then i think it will work as expected: 1. bind with root user 2. bind with current user 3. anonymous bind and no hidden catches.

09/09/2005 03:27:03 AM	Chuck Hagenbuch	Comment #4	Reply to this comment
Okay, I understand you now. It seems odd to me to try updating passwords anonymously, but I'm wary of removing functionality that people need. Please poll the sork list on this.

09/08/2005 10:59:10 PM	glen (at) delfi (dot) ee	Comment #3 New Attachment: horde-passwd-noanon-bind.patch	Reply to this comment
if you go change the password, and fill wrong "old password" the ldap driver will fallback to the anonymous bind, due bind with password failed. [Fri Sep 9 01:55:20 2005] [error] PHP Warning: ldap_bind(): Unable to bind to server: Invalid credentials in /usr/share/horde/passwd/lib/Driver/ldap.php on line 87 [Fri Sep 9 01:55:20 2005] [error] PHP Warning: ldap_mod_replace(): Modify: Strong(er) authentication required in /usr/share/horde/passwd/lib/Driver/ldap.php on line 282 // Try to bind as the current userdn with password. if (!is_null($userdn)) { $result = @ldap_bind($this->_ds, $userdn, $password); } // If unable to bind as current user, still try to bind as // guest. if (!$result) { $result = @ldap_bind($this->_ds); } removing the second rebind, the proper error is produced: " Failure in changing password on delfi.ee domain: Incorrect Password"

09/06/2005 12:03:53 AM	Chuck Hagenbuch	Comment #2 State ⇒ Feedback	Reply to this comment
I'm sorry, I can't follow what the problem is. What do you think should be changed? Can you upload a patch?

08/23/2005 09:18:36 PM	glen (at) delfi (dot) ee	Comment #1 Priority ⇒ 1. Low Type ⇒ Bug Summary ⇒ wrong error when using smbldap driver and bind as user Queue ⇒ Passwd State ⇒ Unconfirmed	Reply to this comment
i've configured smbldap and hooks to bind to DN of user. when user fills wrong old password the driver will try to bind anonymous LDAP user and further modification operation will fail as there aren't sufficent permissions to update LDAP. error returned is: Failure in changing password on delfi.ee domain: Strong(er) authentication required