nsswitch.conf issues with LDAP Auth?: msg#00012 ldap.padl.nss
Hello all,

I seem to be having some issues with getting auth requests to not look up the LDAP server if the account is local, and have tried everything and am stumped. Here's a rundown...

What I'm doing: I have a pair of LDAP boxes, which ~thirty systems are looking up for authentication via LDAP. Auth all works well. No issues there.

The issue, however, is that even with local system accounts (root, www-data, postfix, etc.), the systems are still contacting the LDAP servers, and I just don't see why (considering I have files specified first in nsswitch.conf and pam_unix.so first in all the PAM confs).

Ideally, if the accounts are local, I'd like the systems to say 'ok, we have our account, now let's not query the LDAP server'.

Anyhow, here are my confs:

nsswitch.conf:

    passwd: files ldap
    group: files ldap
    shadow: files ldap
    sudoers: files ldap
    hosts: files dns
    networks: files
    protocols: db files
    services: db files
    ethers: db files
    rpc: db files
    netgroup: nis

common-auth:

    auth sufficient pam_unix.so nullok_secure
    auth sufficient pam_ldap.so use_first_pass
    auth required pam_permit.so

common-account:

    account sufficient pam_unix.so
    account sufficient pam_ldap.so
    account required pam_permit.so

common-password:

    password sufficient pam_unix.so nullok md5 shadow obscure min=4 max=8
    password sufficient pam_ldap.so use_first_pass
    password required pam_permit.so

common-session:

    session optional /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
    session sufficient pam_unix.so
    session sufficient pam_ldap.so

Oh, and software versions:

    libldap2 2.1.30-3
    libnss-ldap 238-1
    libpam-ldap 180-1

Soooo, anyone seen the same symptoms? Any ideas or suggestions would be very helpful.

Regards,

--
Daniel Cross
Systems Administrator    Cell +64 21535975
WorldxChange             DDI +64 9 9501354