app contacts does not provide password to LDAP server
Hello,
I am using a new Macbook Pro (15-inch, 2017) with macOS Sierra 10.12.6
I set up an LDAP account in the system preferences for using in contacts.
I did the same on my iPhone and iPad where searches work very well.
But on the Mac I do not get it managed.
I tried it by using ldapsearch and it works:
Herberts-MBP:Contents herbertgruben$ ldapsearch -H ldaps://fam-gruben-01 -LLL -b "dc=familie-gruben,dc=de" -D "uid=Herbert Gruben,ou=Benutzer,dc=familie-gruben,dc=de" -W "(&(|(givenName=pin49*)(sn=pin49*)(mail=pin49*)(cn=pin49*)))"
Enter LDAP Password:
dn: cn=pin49,ou=Anmeldungsbuch,dc=familie-gruben,dc=de
cn: pin49
objectClass: inetOrgPerson
sn: xxxx
street: xxxx
The log of the LDAP Server:
5999ca4b conn=1058 fd=4 ACCEPT from IP=192.168.100.233:56859 (IP=0.0.0.0:636)
5999ca4b conn=1058 fd=4 TLS established tls_ssf=256 ssf=256
5999ca4b conn=1058 op=0 BIND dn="uid=Herbert Gruben,ou=Benutzer,dc=familie-gruben,dc=de" method=128
5999ca4b conn=1058 op=0 BIND dn="uid=Herbert Gruben,ou=Benutzer,dc=familie-gruben,dc=de" mech=SIMPLE ssf=0
5999ca4b conn=1058 op=0 RESULT tag=97 err=0 text=
5999ca4b conn=1058 op=1 SRCH base="dc=familie-gruben,dc=de" scope=2 deref=0 filter="(&(|(givenName=pin49*)(sn=pin49*)(mail=pin49*)(cn=pin49*)))"
5999ca4b <= bdb_equality_candidates: (objectClass) not indexed
5999ca4b <= bdb_substring_candidates: (givenName) not indexed
5999ca4b <= bdb_substring_candidates: (mail) not indexed
5999ca4b <= bdb_substring_candidates: (cn) not indexed
5999ca4b conn=1058 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
5999ca4b conn=1058 op=2 UNBIND
5999ca4b conn=1058 fd=4 closed
Doing the same but without enter a password (just return) the server log looks like this:
5999cd16 conn=1059 fd=4 ACCEPT from IP=192.168.100.233:56869 (IP=0.0.0.0:636)
5999cd16 conn=1059 fd=4 TLS established tls_ssf=256 ssf=256
5999cd16 conn=1059 op=0 BIND dn="uid=Herbert Gruben,ou=Benutzer,dc=familie-gruben,dc=de" method=128
5999cd16 conn=1059 op=0 RESULT tag=97 err=53 text=unauthenticated bind (DN with no password) disallowed
5999cd16 conn=1059 op=1 UNBIND
5999cd16 conn=1059 fd=4 closed
and if I try a search in contacts towards the LDAP:
5999cd40 conn=1060 fd=4 ACCEPT from IP=192.168.100.233:56870 (IP=0.0.0.0:636)
5999cd40 conn=1060 fd=4 TLS established tls_ssf=256 ssf=256
5999cd40 conn=1060 op=0 BIND dn="uid=Herbert Gruben,ou=Benutzer,dc=familie-gruben,dc=de" method=128
5999cd40 conn=1060 op=0 RESULT tag=97 err=53 text=unauthenticated bind (DN with no password) disallowed
5999cd40 conn=1060 op=1 UNBIND
5999cd40 conn=1060 fd=4 closed
It is the exact outcome. Does the contacts app not send the password ?
Any help appreciated, thanks!
MacBook Pro, macOS Sierra (10.12.6), 15-inch, 2017