Jorg, I do not have the answer for you. One comment I have is that the GUI login will use different PAM modules from the command line ssh login. If you are looking for differences between your CentOS machine and Ubuntu I would also start by listing the PAM modules.
I speak as someone who has a nagging problem with nslcd - I have two servers which should be identical, and on one I cannot 'sudo' with my account. It is possible to stop the nslcd.service and run nslcd -d in a terminal - this did not help me, it might help you. On 16 January 2018 at 00:35, Jörg Saßmannshausen < sassy-w...@sassy.formativ.net> wrote: > Dear all, > > reading the Cluster Authentication (LDAP,AD) thread which was posted at the > end of last year reminds me of a problem we are having. > > For our Ubuntu 14 virtual machines we are authenticating against AD and I > am > using the nslcd daemon to do that. > This is working very well in a shell, i.e. when I am doing this in a shell: > > $ su -l USER > > It is fast, it is creating the home directory if I need it (or not if I > want > to mount the file space elsewhere and use a local home) and the standard > lookup > tools like > > $ getent password USER > > are fast as well. > > However, and here is where I am stuck: when I want to log in to the machine > using the GUI, this takes forever. We measures it and it takes up to 90 > sec. > until it finally works. I also noticed that it is not reading the > /etc/nslcd.conf file but either /etc/ldap.conf or /etc/ldap/ldap.conf. The > content of the ldap.conf file is identical with the nslcd.conf file. I am > using > TLS and not SSL for the secure connection . > Furthermore, and here I am not sure whether it is the same problem or a > different one, if I want to ssh into the Ubuntu VM, this also take a very > long > time (90 sec) until I can do that. > Strangely enough, our HPC cluster is using nslcd as well (I used that > nslcd.conf file as a template for the Ubuntu setup), authenticating > against the > same AD and that works instantaneous. > > Does anybody has some ideas of where to look at? It somehow puzzles me. > I am a bit inclined to say the problem is within Ubuntu 14 as the cluster > is > running CentOS and my Debian chroot environment ist Stretch. > > All the best from London > > Jörg > > _______________________________________________ > Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing > To change your subscription (digest mode or unsubscribe) visit > http://www.beowulf.org/mailman/listinfo/beowulf >
_______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
