Then am I misinterpreting the fact that getent shadow returns data on ldap users when ldap is up but not when it's down? I guess I don't understand where that shadow data comes from when LDAP is up. I just did some brief testing on installing sssd and there's a ton of fedora packages I'll need to pull. Is anyone aware of any successful attempts in using sssd on CentOS 5? On Jul 15, 2010, at 11:07 AM, Gordon Messmer wrote: > On 07/15/2010 09:15 AM, Brian Marshall wrote: >> >> The problem still remains, when the LDAP server is offline there is >> no shadow data cached so LDAP users can not authenticate on cached >> data despite caching and local auth sufficient being enabled in >> authconfig . > > Most LDAP servers don't provide the hash that you expect from "shadow > data", so it isn't possible for nscd to cache anything. Login with LDAP > is normally an interactive process, handled by the LDAP server. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos