From owner-freebsd-stable@FreeBSD.ORG Sat Jan 21 04:22:31 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F7D116A420; Sat, 21 Jan 2006 04:22:31 +0000 (GMT) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 89E6E43D48; Sat, 21 Jan 2006 04:22:28 +0000 (GMT) (envelope-from doconnor@gsoft.com.au) Received: from inchoate.gsoft.com.au (ppp217-44.lns1.adl2.internode.on.net [203.122.217.44]) (authenticated bits=0) by cain.gsoft.com.au (8.13.5/8.13.4) with ESMTP id k0L4MMlT024651 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 21 Jan 2006 14:52:23 +1030 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: Dominique Goncalves Date: Sat, 21 Jan 2006 14:51:57 +1030 User-Agent: KMail/1.9.1 References: <200601201130.18872.doconnor@gsoft.com.au> <7daacbbe0601192341p32673972j8f309dff1df543aa@mail.gmail.com> In-Reply-To: <7daacbbe0601192341p32673972j8f309dff1df543aa@mail.gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1701812.RzZgelceIJ"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200601211452.16670.doconnor@gsoft.com.au> X-Spam-Score: 0 () X-Scanned-By: MIMEDefang 2.54 on 203.31.81.10 Cc: vsevolod@freebsd.org, freebsd-stable@freebsd.org Subject: Re: Using [Open]LDAP for authentication X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jan 2006 04:22:31 -0000 --nextPart1701812.RzZgelceIJ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 20 January 2006 18:11, Dominique Goncalves wrote: > I've reported recently a problem with the same symptoms [1] but I use > this order in my nsswitch.conf "files ldap". > > All exemples I found on internet use this order. And if I understand > correctly, this order means, if a user is not found in files then it > tries on ldap? Yes, that is my understanding. I have also found another problem with using "files ldap" - both sudo and s= u=20 don't work. They both appear to fail to find that I am in wheel and hence=20 won't let me do anything :( If I have "ldap files" then they work OK. "ldap files" should work for bootup too except that nss_ldap seems to sleep= =20 trying to reconnect to the ldap server instead of giving up quickly. =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart1701812.RzZgelceIJ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQBD0bb45ZPcIHs/zowRArVCAJ9uW/58pVggv4JQAbLnOyCCFEc7KACeOc7J Nr3XuM6aNzDFAl9mbakLt9w= =4eLN -----END PGP SIGNATURE----- --nextPart1701812.RzZgelceIJ--