[CentOS] Look for users in both LDAP and /etc/passwd

Tronn Wærdahl tronnw at gmail.com
Tue Oct 9 15:12:27 UTC 2007


On 10/9/07, Craig White <craigwhite at azapple.com> wrote:
>
> On Tue, 2007-10-09 at 16:14 +0200, Tronn Wærdahl wrote:
> > Im running CentOS 5 with samba configured as PDC, with samba 3.0.24
> > and  openldap-servers-2.3.30-2.
> > My /etc/nsswitch.conf is like this:
> >
> > passwd:     files ldap
> > shadow:     files ldap
> > group:        files ldap
> >
> > The problem is when I try to restart LDAP (/etc/init.d/ldap restart)
> > then the init script just hangs. I suppose it will try to run slapd as
> > the ldap user
> > The ldap user is not in LDAP only in /etc/passwd, how can i configure
> > my system to look for users first in LDAP and then in /etc/passwd
> >
> > When I remove LDAP from my /etc/nsswitch.conf, so it looks like below
> >
> > passwd:     files
> > shadow:     files
> > group:        files
> >
> >
> > then ldap start up nicely, but then my LDAP users can't sign in
> >
> >
> > I tried to do different changes in pam, but without any progress
> >
> > Please advice
> ----
> been there, done that...
>
> add to bottom of /etc/ldap.conf
>
> timelimit 30
> bind_timelimit 30
> bind_policy soft
> nss_initgroups_ignoreusers root,ldap
>
> Craig
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



Thanks Craig

That solved my problem

Thank you

Tronn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20071009/0ea6b335/attachment.html>


More information about the CentOS mailing list