On Tue, 2007-10-09 at 16:14 +0200, Tronn Wærdahl wrote: > Im running CentOS 5 with samba configured as PDC, with samba 3.0.24 > and openldap-servers-2.3.30-2. > My /etc/nsswitch.conf is like this: > > passwd: files ldap > shadow: files ldap > group: files ldap > > The problem is when I try to restart LDAP (/etc/init.d/ldap restart) > then the init script just hangs. I suppose it will try to run slapd as > the ldap user > The ldap user is not in LDAP only in /etc/passwd, how can i configure > my system to look for users first in LDAP and then in /etc/passwd > > When I remove LDAP from my /etc/nsswitch.conf, so it looks like below > > passwd: files > shadow: files > group: files > > > then ldap start up nicely, but then my LDAP users can't sign in > > > I tried to do different changes in pam, but without any progress > > Please advice ---- been there, done that... add to bottom of /etc/ldap.conf timelimit 30 bind_timelimit 30 bind_policy soft nss_initgroups_ignoreusers root,ldap Craig