[Arthur de Jong] > Implementing such a search shouldn't be too hard. What I'm working > on now tries the first value of the defaultNamingContext attribute > and falls back to the first value of the namingContexts attribute.
Sound very good. > You can also currently specify: > base DOMAIN > to build a basdn based on the system's domain (e.g. construct > dc=example,dc=com when running on myhost.example.com). Does not work in the setting I need it, unfortunately. :) > With nss-ldapd you can specify > uri DNS > in /etc/nss-ldapd.conf to look up SRV records (see the manual page for > details). Ah, cool. But this do not work for me. It report this error for one machine: nslcd: /etc/nss-ldapd.conf:2: no servers found in DNS zone localdomain I suspect the algoritm used is slightly flawed. DNS lookup work, but the dnsdomainname value is bogus. ocalhost:/etc# dnsdomainname localdomain localhost:/etc# cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 10.70.1.1 nameserver 10.70.1.2 search intern skolen.local localhost:/etc# host -N 2 -t srv _ldap._tcp _ldap._tcp.skolen.local has SRV record 0 100 389 skoledc03.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 skoledc02.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 nos06dc003.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 helvgrs0001.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 skoledc01.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 skoledc05.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 nos06dc004.skolen.local. _ldap._tcp.skolen.local has SRV record 0 100 389 skoledc04.skolen.local. localhost:/etc# > I think nss_ldap does this if you don't specify any URIs or > hosts. Maybe pam_ldap does something similar. I suspect it is broken. At least <URL:http://bugzilla.padl.com/show_bug.cgi?id=80> indicate it. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
