Date: Sat, 4 Mar 2006 14:29:44 -0500 From: David Magda <dmagda@ee.ryerson.ca> To: Frode Nordahl <frode@nordahl.net> Cc: freebsd-stable@freebsd.org, Dmitriy Kirhlarov <dimma@higis.ru> Subject: Re: nss_ldap problem Message-ID: <845C4D29-2B82-47D5-B6AD-5BC118BDAF34@ee.ryerson.ca> In-Reply-To: <6F9C5982-E3FB-4EC2-9890-D685F2ABCC34@nordahl.net> References: <20060226081431.GA813@dimma.mow.oilspace.com> <6F9C5982-E3FB-4EC2-9890-D685F2ABCC34@nordahl.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 4, 2006, at 04:04, Frode Nordahl wrote: >> /etc/nsswitch.conf >> group: ldap files >> hosts: files dns >> networks: files >> passwd: ldap files >> shells: files >> imap: ldap > > Why do you have "ldap" first? I would use "files ldap" in any case > so local changes can override the directory. And if there's an issue with the network, things will slow down to a crawl when the system is waiting for the LDAP server to respond (which it won't, so you're waiting for the time out to occur). Another scenario is when you boot up in single user mode: if you do an 'ls -l' the UIDs need to be looked up to display the usernames by default, so the passwd look up is performed, and since the network hasn't been brought up you're waiting for the timeout.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?845C4D29-2B82-47D5-B6AD-5BC118BDAF34>