ldap login bind password request

Document ID : KB000125660
Last Modified Date : 26/02/2019
Show Technical Document Details
Question:
At the "Credentials -> Reports -> Run -> View Password Requests" we are seeing repeated "ldap login bind password request".
Why are we seeing this?
 
Answer:
"ldap login bind password request" message appears in the "View Password Request" report because of the following configuration.
"Configuration -> 3rd Party -> LDAP -> LDAP Domains -> Domain -> LDAP Configuration -> Update Interval (minutes)". 

This controls how frequently PAM would check with LDAP to synchronize the LDAP Groups.
This is not a mandatory field so it should accept empty value in case if you decide to disable the auto-synchronization of LDAP Groups.
This would come with a caveat that you must manually synchronize the LDAP Groups at your desired interval MANUALLY otherwise the users may fail to login.
Each time PAM tries to synchronize with LDAP server it would require to fetch the user credential associated to contact the LDAP server and this is the reason why you will see "ldap login bind password request" in the "View Password Request".

In case if you are not able to enter an empty value for "Update Interval (minutes)", it is fixed on PAM 3.2.5 and PAM 3.3.0