Date: Mon, 10 Jul 2006 15:27:39 +0200 From: Eric Masson <e-masson@kisoft-services.com> To: Dominik Zalewski <dzalewski@open-craft.com> Cc: freebsd-stable@freebsd.org, "UEMURA \(fka. MAENAKA\) Tetsuya" <maenaka@pluto.dti.ne.jp> Subject: Re: slapd - slow starting Message-ID: <86fyh9tws4.fsf@srvbsdnanssv.interne.kisoft-services.com> In-Reply-To: <200607101600.56911.dzalewski@open-craft.com> (Dominik Zalewski's message of "Mon, 10 Jul 2006 16:00:56 %2B0300") References: <200607101327.23403.dzalewski@open-craft.com> <200607102113.14004.doconnor@gsoft.com.au> <200607101600.56911.dzalewski@open-craft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dominik Zalewski <dzalewski@open-craft.com> writes: Hi, > Problem is after I change things in /dev/nsswitch.conf. If I live it like > this: > > group: compat > passwd: compat > > I start slapd using /etc/rc.d/slapd start , then I change /etc/nsswitch.conf > to: > > group: files ldap > passwd: files ldap > > Everything is fine and users can login via ssh using their ldap password. I > can boot server with first configuration and run some script that will copy > second nsswitch.conf , but I dont like this solution and I dont understand > why its not working. Chicken & Egg problem, the system queries the ldap backend to get informations about the account it will use to start the ldap backend. I've made a change to /etc/rc.d/slapd that copies a ldap disabled nsswitch.conf to /etc in start_precmd() and then a ldap enabled nsswitch.conf to /etc in start_postcmd(). I've tried to toy with backend options in nsswitch.conf but no luck atm. Seems I'm not alone, see <20060707161801.GB42118@dimma.mow.oilspace.com> regarding "nsswitch.conf problem with group status code" group: files [success=return notfound=continue unavail=continue tryagain=continue] ldap passwd: files [success=return notfound=continue unavail=continue tryagain=continue] ldap Regards Éric Masson -- l'anarchie, c'est pt'etre pas genial comme mode de gouvernement, mais c'est mieux que pas de gouvernement du tout. -+- Kevin in <http://www.le-gnu.net>; -+- Ni Root, ni Maître. -+-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86fyh9tws4.fsf>