I guess openldap's clients use /etc/ldap/ldap.conf, and not /etc/*ldap.conf:
$ strace ldapsearch -x 2>&1 | grep ldap.conf open("/etc/ldap/ldap.conf", O_RDONLY|O_LARGEFILE) = 3 /etc/ldap/ldap.conf and /etc/libnss-ldap.conf (or pam_ldap.conf) have some slightly different entries, and should not be symlinked. On the other way, i think there's no problem to use only one file for NSS and PAM. In fact, i already use it, making a link from libnss- ldap.conf to pam_ldap.conf. To be more precise, we _SHOULD_ be using only one file for these two, just make a head in these two files, and note this line: "This is the configuration file for the LDAP nameservice switch library and the LDAP PAM module." -- libnss-ldap and libpam-ldap should use the same configuration file https://launchpad.net/bugs/17744 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs