Re: nsswitch.conf with nss_ldap

To: netbsd-users%netbsd.org@localhost
Subject: Re: nsswitch.conf with nss_ldap
From: Matthias Pfaller <leo%marco.de@localhost>
Date: Fri, 19 Feb 2010 21:36:59 +0100

matthew sporleder wrote:

2010/2/17 Dima Veselov <i%kab00m.ru@localhost>:

Hi,

I have met a problem, concerning nss_ldap usage - OpenLDAP slapd is running
in unpriveledged mode, so at start it try to resolve '-u slapd' and catch
itself - nss_ldap is trying to resolve, but slapd isn't yet ready. If nss_ldap
is turned in hard mode - this situation cause server to stall forever.
Having user slapd in /etc/passwd, I tried to use nsswitch.conf entry as follows:

passwd: files [success=return] ldap

But it really doesn't work. What usually people do to start it easily on files 
and continue on ldap?


In general you can't use nss_ldap on the ldap server itself.


You can. But you have to add

       group:          files [success=return] ldap
       passwd:         files [success=return] ldap

to your /etc/nsswitch.conf and you must add

       nss_initgroups_ignoreusers slapd,root

to your /etc/openldap/ldap.conf (/usr/pkg/etc/nss_ldap.conf,/usr/pkg/etc/pam_ldap.conf).


Regards, Matthias

Follow-Ups:
- Re: nsswitch.conf with nss_ldap
  - From: Dima Veselov

References:
- nsswitch.conf with nss_ldap
  - From: Dima Veselov
- Re: nsswitch.conf with nss_ldap
  - From: matthew sporleder

Prev by Date: Re: Trackpoint in the Thinkpad notebook
Next by Date: Re: nsswitch.conf with nss_ldap
Previous by Thread: Re: nsswitch.conf with nss_ldap
Next by Thread: Re: nsswitch.conf with nss_ldap
Indexes:

Home | Main Index | Thread Index | Old Index