Anthony wrote:
(I use a cron "nss_updatedb ldap" every 10 minutes (maybe it could be
more!!!) )
Interesting idea, was wondering how to solve this problem myself.
- nsswitch.conf:/
passwd: files db
shadow: files db
group: files db
/
Documentation I have seen recommended:
passwd: files ldap [NOTFOUND=return] db
group: files ldap [NOTFOUND=return] db
However, when I tried this the computer hang on boot, so I took
that LDAP stuff out.
I don't think the shadow part is required, at least it wasn't required
on my system. I believe programs call the account PAM service,
(presumably) will first try the pam_unix, which tries finding the
information shadow information in nss. If this fails, pam will then try
pam_ldap, which works. I am a bit puzzled why this seemed to work on my
system when the network was disconnected though...
//
Did you consider the nss-ldapd module? It have a local LDAP proxy
(nslcd) doing the connections to the LDAP server, so it would have it
easier to keep track of the connection status.
I tried that on a late prerelease of Ubuntu hardy; installing nss-ldapd
seemed to break nss_updatedb, as it moved /lib/libnss_ldap.so.2 to
/usr/lib/libnss_ldap.so.2
Possibly all I needed was a symlink, however I was in a hurry and didn't
try that.
My main concern is that I want to be able to reproduce the same setup on
multiple computers (possibly with different Linux distributions)... Its
kind of tedious to do this manually. Is it possible to automate this
without losing my sanity in the process?
Brian May
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
