From owner-freebsd-questions@FreeBSD.ORG  Tue May  9 03:28:10 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 905C116A466
	for <freebsd-questions@freebsd.org>;
	Tue,  9 May 2006 03:28:10 +0000 (UTC)
	(envelope-from vvelox@vvelox.net)
Received: from mail07.powweb.com (mail07.powweb.com [66.152.97.40])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7EE1243DA0
	for <freebsd-questions@freebsd.org>;
	Tue,  9 May 2006 03:27:22 +0000 (GMT)
	(envelope-from vvelox@vvelox.net)
Received: from vixen42.vulpes (24-119-225-24.cpe.cableone.net [24.119.225.24])
	by mail07.powweb.com (Postfix) with ESMTP id 90DA814DA1F
	for <freebsd-questions@freebsd.org>;
	Mon,  8 May 2006 20:27:21 -0700 (PDT)
Date: Mon, 8 May 2006 22:27:47 -0500
From: "Z.C.B." <vvelox@vvelox.net>
To: freebsd-questions@freebsd.org
Message-ID: <20060508222747.71ce917c@vixen42.vulpes>
In-Reply-To: <20060509021620.GB65368@dan.emsphone.com>
References: <7daacbbe0601181356q131bc2d7kd044d924e13079f2@mail.gmail.com>
	<20060507174256.09c33510@vixen42.vulpes>
	<df9ac37c0605080827i77a836afje0635ef748419e8d@mail.gmail.com>
	<20060508182308.6e8d9aac@vixen42.vulpes>
	<df9ac37c0605081631q283c691ah8c9f7af94e683ca3@mail.gmail.com>
	<20060508184412.4ccbf90c@vixen42.vulpes>
	<df9ac37c0605081717i34f3158dwdf1e7c1cf2c4620d@mail.gmail.com>
	<20060509021620.GB65368@dan.emsphone.com>
X-Mailer: Sylpheed-Claws 2.1.1 (GTK+ 2.8.17; i386-portbld-freebsd5.4)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: nsswitch.conf with ldap
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 May 2006 03:28:10 -0000

On Mon, 8 May 2006 21:16:20 -0500
Dan Nelson <dnelson@allantgroup.com> wrote:

> In the last episode (May 08), Atom Powers said:
> > On 5/8/06, Z.C.B. <vvelox@vvelox.net> wrote:
> > >> I don't know if it will help your problem, I'm struggling
> > >> through my own pam/nss/ldap issues, but it is a part of the
> > >> picture.
> > >
> > >I am curious. Do you run into problems with SSH and xterm, but
> > >everything else works? That is what I am currently hitting.
> > >
> > >initgroups(kitsune,1001): Invalid argument
> 
> man initgroups:
> 
>     ERRORS
>         The initgroups() function may fail and set errno for any of
> the errors specified for the library function setgroups(2).
> 
> man setgroups:
> 
>     [EINVAL] The number specified in the ngroups argument is larger
>              than the NGROUPS limit.
> 
> Either get out of some groups, or raise NGROUPS (this may affect NFS
> though).

Nope. I built my LDAP user and group entries from my NIS group
entries. If I put it back to "files nis" from "files ldap" it works.


> > > Is what it is kicking into /var/log/messages. That is right
> > > after I authenticate.
> > 
> > No, my problem is with local login when the LDAP server is
> > unavailable. It hangs for about two minutes before logging in. I
> > think I've tracked this down to an nss timeout somewhere.
> 
> Newer version of nss_ldap have timeout veriables to adjust this, but
> your best solution would be to set up another ldap server and put
> them both in your ldap.conf so you'll never be without one.

It still waits.