Bug
Resolution: Won't Do
Normal
None
6.13.0
Description of problem:
We have an LDAP server that does not allow anonymous binds and requires PIN+token to be used as the password when doing simple authentication (= the transferred password is different on every login).
Accessing said server works just fine with these conditions using ldapsearch, ldapvi and python-ldap, but not when using Ruby's Net::LDAP (and thus Satellite).
The problem seems to be that Net::LDAP doesn't keep the connection to the server open and ends up needing more than one LDAP query, so also more than one connection, and there the token doesn't match anymore and you can't log in.
Version-Release number of selected component (if applicable):
6.11, 6.13 (those are the ones I tested with)
How reproducible:
100%
Steps to Reproduce:
1. Set up LDAP auth with the account field set to something like "uid=$login,ou=users,dc=redhat,dc=com" so that the bind happens with the user who is logging in
2. Try to log in
Actual results:
login not possible
Expected results:
login possible
Additional info:
This seems to be a known issue in Net::LDAP: https://github.com/ruby-ldap/ruby-net-ldap/issues/11
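
The failure mode described in this report, as an added Ruby model that is not part of the original report and is not Net::LDAP or Satellite code: a directory that accepts each PIN+token password once, exercised by a client that rebinds for every operation and by one that binds once and reuses the connection. The class, method names, sample DN and filters are all constructed for illustration.

```ruby
# Constructed model (not Net::LDAP or Satellite code) of a directory whose
# simple-bind password is a one-time PIN+token value.
class OtpDirectory
  class InvalidCredentials < StandardError; end
  attr_reader :bind_attempts

  def initialize(one_time_passwords)
    @unused = one_time_passwords.dup # values the token will still accept
    @bind_attempts = 0
  end

  # Every new connection must bind; a bind consumes the password, so a replay fails.
  def connect_and_bind(dn, password)
    @bind_attempts += 1
    raise InvalidCredentials, "bind rejected for #{dn}" unless @unused.delete(password)
    Connection.new(dn)
  end

  # A bound connection serves any number of operations without rebinding.
  class Connection
    def initialize(dn)
      @dn = dn
    end

    def search(filter)
      "#{filter} (bound as #{@dn})"
    end
  end
end

# Client pattern from the report: each operation opens its own connection and binds again.
def login_rebinding_per_operation(dir, dn, password, filters)
  filters.each { |f| dir.connect_and_bind(dn, password).search(f) }
  :ok
rescue OtpDirectory::InvalidCredentials
  :rejected
end

# Pattern that works with one-time passwords: bind once, reuse the connection.
def login_on_single_connection(dir, dn, password, filters)
  conn = dir.connect_and_bind(dn, password)
  filters.each { |f| conn.search(f) }
  :ok
rescue OtpDirectory::InvalidCredentials
  :rejected
end

DN = "uid=alice,ou=users,dc=example,dc=com" # constructed sample user
FILTERS = ["(uid=alice)", "(memberUid=alice)"].freeze # hypothetical login lookups
```

The server-side rejection of the second bind is the replay protection working as designed, so the fix belongs in how the client manages its connection.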