706860 – 2 digits login names no seen after upgrading to nss-pam-ldapd-0.7.5-7

Bug 706860 - 2 digits login names no seen after upgrading to nss-pam-ldapd-0.7.5-7

Summary: 2 digits login names no seen after upgrading to nss-pam-ldapd-0.7.5-7

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	nss-pam-ldapd
Sub Component:
Version:	6.1
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Nalin Dahyabhai
QA Contact:	BaseOS QE Security Team
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	709094 751654 (view as bug list)
Depends On:
Blocks:	726309
TreeView+	depends on / blocked

Reported:	2011-05-23 09:37 UTC by Francois Marabelle
Modified:	2018-11-27 21:31 UTC (History)
CC List:	11 users (show)
Fixed In Version:	nss-pam-ldapd-0.7.5-8.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-12-06 17:36:09 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Priority	Status	Summary	Last Updated
Debian BTS	620235	None	None	None	Never
Red Hat Knowledge Base (Legacy)	56716	None	None	None	Never
Red Hat Product Errata	RHBA-2011:1705	normal	SHIPPED_LIVE	nss-pam-ldapd bug fix and enhancement update	2011-12-06 01:02:30 UTC

Description Francois Marabelle 2011-05-23 09:37:00 UTC

Description of problem:

After upgrading from 0.7.5-3 to  0.7.5-7  login names with only 2 digits
are not seen anymore

Version-Release number of selected component (if applicable):
0.7.5-7

How reproducible:
Always

Steps to Reproduce:
1. create a 2 digits account on ldap server
2. try to login
3.
  
Actual results:

unknown user

Expected results:
login...

Additional info:
downgrading to nss-pam-ldapd-0.7.5-3 solve the problem.

Comment 2 Nalin Dahyabhai 2011-05-23 15:25:02 UTC

The default value for the "validnames" setting as we added it expects names to be at least three characters long, though this is relaxed a bit in subsequent versions to a minimum of two.  Setting
  validnames /^[a-z0-9._@$()][a-z0-9._@$() \~-]*[a-z0-9._@$()~-]$/i
in /etc/nslcd.conf should work around this until we catch up with it.

Comment 3 Francois Marabelle 2011-05-24 06:53:14 UTC

It works. Thanks
(In reply to comment #2)

Comment 5 Nalin Dahyabhai 2011-05-31 14:10:15 UTC

*** Bug 709094 has been marked as a duplicate of this bug. ***

Comment 17 Jakub Hrozek 2011-11-07 09:45:51 UTC

*** Bug 751654 has been marked as a duplicate of this bug. ***

Comment 18 errata-xmlrpc 2011-12-06 17:36:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1705.html

Note You need to log in before you can comment on or make changes to this bug.