Date: Tue, 13 Mar 2007 09:10:10 +0100 From: "Pietro Cerutti" <pietro.cerutti@gmail.com> To: "Jonathan McKeown" <jonathan@hst.org.za>, "Gerhard Schmidt" <estartu@augusta.de>, "FreeBSD Users Questions" <freebsd-questions@freebsd.org> Subject: Re: nss_ldap and openldap on the same server. Message-ID: <e572718c0703130110r5ac12e17l4b47c27d2d736ad0@mail.gmail.com> In-Reply-To: <200703131001.10355.jonathan@hst.org.za> References: <20070312141915.GA1842@augusta.de> <e572718c0703121607n57d1c28co915638069262042a@mail.gmail.com> <20070313071641.GA18856@augusta.de> <200703131001.10355.jonathan@hst.org.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/13/07, Jonathan McKeown <jonathan@hst.org.za> wrote: > > The only ``workaround'' I've seen suggested is the parameter introduced > recently in nss_ldap: > > nss_initgroups_ignoreusers Right, now I remember that once I had this problem too... Another workaround would be to have two different nsswitch.conf files, one with and another without the ldap database entry, and then switch between them as part of ldap start / stop routines. - your system has the nsswitch.conf w/out ldap by default - when ldap starts, it substitutes it with the nsswitch.ch file w/ ldap entries - when ldap stops, it restores the original file > Jonathan -- Pietro Cerutti - ASCII Ribbon Campaign - against HTML e-mail and proprietary attachments www.asciiribbon.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e572718c0703130110r5ac12e17l4b47c27d2d736ad0>