Date: Tue, 22 Sep 2009 22:48:06 +0930 From: "Daniel O'Connor" <doconnor@gsoft.com.au> To: freebsd-current@freebsd.org Cc: "O. Hartmann" <ohartman@zedat.fu-berlin.de>, freebsd-questions@freebsd.org Subject: Re: LDAP server gone -> impossible to login locally! Message-ID: <200909222248.16475.doconnor@gsoft.com.au> In-Reply-To: <4AB8BAA9.1060100@zedat.fu-berlin.de> References: <4AB8BAA9.1060100@zedat.fu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart6531400.HeUU1V82GJ Content-Type: text/plain; charset="iso-8859-15" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tue, 22 Sep 2009, O. Hartmann wrote: > I run into trouble with FreeBSD and LDAP on a regular basis! > > Sometimes it is necessary to log in onto a bunch of servers with no > LDAP service responding, due to service, crash, eletrically > disconnetion, whatever. The problem is: I can't. > Using all prerequisits from ports (pam_ldap/nss_ldap/ldap as most > recent) my /etc/nsswitch.conf looks like this as it has been the most > reasonable (and only working!) solution for the past 2 years: > > passwd: ldap [unavail=3Dcontinue notfound=3Dcontinue] files > [success=3Dreturn notfound=3Dreturn] I just have passwd: cache files ldap group: cache files ldap and I can login as root locally without any delay. That said my LDAP server is on the same machine so perhaps it fails=20 faster. I am using "uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/" to=20 connect to. =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart6531400.HeUU1V82GJ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iD8DBQBKuM6Y5ZPcIHs/zowRAqa+AJ9Rx8SG9Ui1K5sG2h+ST3+EQFDXDACdG4wj hBHaZ7IT8+TGYPXjnxMr2Cc= =n101 -----END PGP SIGNATURE----- --nextPart6531400.HeUU1V82GJ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909222248.16475.doconnor>