Bug#758513: fails to authenticate if multiple LDAP results match, misleading error message

[Stefan Fritsch <sf@sfritsch.de>]

On Sunday 05 October 2014 12:04:12, Daniel Pocock wrote:
> The bug report is not for the behavior (I agree it makes sense to
> deny the login), it is a problem with the error message.
> 
> The error message says "user daniel not found" - but for this
> particular case, the error should be something like "multiple
> entries in the directory match the filter for digest username
> daniel"

Assuming that this concerns apache2 2.4.x: That message comes from 
mod_auth_basic. There is no API that mod_authnz_ldap could use to pass 
a different error message to mod_auth_basic. mod_authnz_ldap should 
however log a more detailed message at level debug. (Try "Loglevel 
authnz_ldap:debug") Did that not work, did you not try that, or would 
you argue that the message should be at a different log level?