LDAP lookups succeed for some user accounts but fail for others
Applies to
- ONTAP 9
- NFS
- Delinea/Centrify LDAP
Issue
- When validating user credentials from name services, some users may resolve correctly while others do not
- This issue can be seen either via the
getxxbyyy getpwbyuid
or theaccess-check authentication show-creds
commands - The schema has been reviewed for correctness to match the LDAP server
- The existence of all users has been confirmed within the LDAP structure, and the appropriate attributes exist in the correct fields
- A packet trace reveals that queries for both succeeding and failing users have the same query syntax, but the LDAP server responds to some queries with
noSuchObject