search for: wrongpass

...n=CORE > --target-hostname=open-ldap2.core.mydomain.hu NT_STATUS_OK: Success > (0x0) # ntlm_auth --username=abc_airween --password=GOODPASS > --domain=CORE --target-hostname=open-ldap.core.mydomain.hu > NT_STATUS_OK: Success (0x0) > > # ntlm_auth --username=abc_airween --password=WRONGPASS --domain=CORE > --target-hostname=open-ldap.core.mydomain.hu > NT_STATUS_WRONG_PASSWORD: Wrong Password (0xc000006a) # ntlm_auth > --username=abc_airween --password=WRONGPASS # --domain=CORE > --target-hostname=open-ldap2.core.mydomain.hu > NT_STATUS_WRONG_PASSWORD: Wrong Password (0...

...en --password=GOODPASS --domain=CORE --target-hostname=open-ldap2.core.mydomain.hu NT_STATUS_OK: Success (0x0) # ntlm_auth --username=abc_airween --password=GOODPASS --domain=CORE --target-hostname=open-ldap.core.mydomain.hu NT_STATUS_OK: Success (0x0) # ntlm_auth --username=abc_airween --password=WRONGPASS --domain=CORE --target-hostname=open-ldap.core.mydomain.hu NT_STATUS_WRONG_PASSWORD: Wrong Password (0xc000006a) # ntlm_auth --username=abc_airween --password=WRONGPASS # --domain=CORE --target-hostname=open-ldap2.core.mydomain.hu NT_STATUS_WRONG_PASSWORD: Wrong Password (0xc000006a) so, looks lik...

...10.10.10.30 110 +OK Server. <861.2.46e6c679.jZ8QYpFmU8ZN6XIq7zPhkw==@server2> user testuser +OK pass pass +OK Logged in. quit +OK Logging out. Connection closed by foreign host. $telnet 10.10.10.30 110 +OK Server. <861.4.46e6c68d.CBp+UUDmBlyfxy8yqnu4MQ==@server2> user testuser +OK pass wrongpass -ERR Authentication failed. quit +OK Logging out Connection closed by foreign host. $telnet 10.10.10.30 110 +OK Server. <861.5.46e6c6aa.1SB5iDeA707TlaISooTumg==@server2> user testuser +OK pass pass -ERR [IN-USE] Internal login failure. Refer to server log for more information. Connection clos...

...denied. require ''rubygems'' require ''mechanize'' agent = WWW:Mechanize.new() login = agent.get("http://server/login.php") form = login.forms.action("dorf1.php") form.fields[2].value = "wronguser" # login form.fields[3].value = "wrongpass" # password dorf1 = form.submit() dorf1.uri # => #<URI::HTTP:0x15af2e04dc7c URL:http://server/dorf1.php> But the page we got was "login.php" (a bit altered: "access denied", etc.) So the URI of the page returned by form.submit() isn''t updated if ther...

...uth: Warning: auth client 0 disconnected with 1 pending >>>>> requests: EOF: 12 Time(s) Which probably happens when Postfix disconnects from Dovecot before the authentication has finished. I can reproduce these if I set up PAM authentication and then do: doveadm auth test testuser wrongpass <ctrl-c> Repeat the above a few times. Each time logs: Nov 26 13:36:13.588354 auth: Warning: auth client 0 disconnected with 1 pending requests: EOF Then stop Dovecot (or auth process at least): Nov 26 13:36:23.403778 auth: Warning: Event 0x561565277db0 leaked (parent=(nil)): auth-client-...

Hi Rowland, many thanks for your help, On Wed, Nov 08, 2017 at 11:00:59AM +0000, Rowland Penny wrote: > > On Wed, 8 Nov 2017 11:18:10 +0100 > Ervin Hegedüs <airween at gmail.com> wrote: > > > > ======== > > open-ldap: ... > > -------- > > /etc/resolv.conf > > search core.mydomain.hu > > nameserver 127.0.0.1 > > nameserver

...posted the details including the output of dovevcot -n. 1) command prompt login. i put wrong password telnet x.x.x.x 143 * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE START TLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] ready. 1 login acc at mydomain.com wrongpass 1 NO [AUTHENTICATIONFAILED] Authentication failed. 2) DOVECOT LOG output CURRENT SERVER Nov 28 08:48:39 imap-login: Info: Disconnected (auth failed, 1 attempts in 72 secs): user=<acc at mydomain.com, method=PLAIN, rip=120.62.202.70, lip=103.241.181.155, session=<4PxKs+II2QB4PspG> OLD...

...this situation? # telnet 0 143 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready. o login validuser validpass o OK [CAPABILITY IMAP4rev1 LITERAL+ SASL o login validuser wrongpass o NO [UNAVAILABLE] Temporary authentication failure. o login non-existant anypass * OK Waiting for authentication process to respond.. Here is output of dovecot -n # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final) auth_debug = yes auth_verbose = yes base_dir = /var/run/do...

On 3 Nov 2018, at 17.41, Mart Pirita <sysadmin at e-positive.ee> wrote: > > Hi, > > > But this harmless is spamming logs, so how to disable it: > > grep auth-client-connection.c:338 maillog | wc -l > 1259 Actually this specific event leak isn't a known issue. I don't really understand how it could happen. These event leaks are supposed to be checked