Bug ID 755254: Remote auth: PAM_LDAP buffer too small errors

Last Modified: May 17, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP Install/Upgrade, TMOS(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4

Opened: Jan 11, 2019
Severity: 2-Critical

Symptoms

You are unable to log into the BIG-IP system using an LDAP account. The system might log the following message in /var/log/secure: -- crit httpd[28010]: pam_ldap(httpd:account): buffer 'buffer_size' too small. Note: This message might not be logged for all occurrences of this issue.

Impact

LDAP authentication not working properly.

Conditions

This occurs when the following conditions are met: -- Remote-LDAP authentication is configured. -- There is a user account with attributes longer than 255 characters in length. -- That user attempts a logon to the BIG-IP system.

Workaround

Configure user accounts with attributes shorter than 255 characters.

Fix Information

None

Behavior Change