From owner-freebsd-questions@FreeBSD.ORG  Tue May  9 07:51:35 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5C54216A40A
	for <freebsd-questions@freebsd.org>;
	Tue,  9 May 2006 07:51:35 +0000 (UTC)
	(envelope-from bsd@bathnetworks.com)
Received: from lmail.bathnetworks.co.uk (mail.bathnetworks.com [84.92.24.252])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 587C643D55
	for <freebsd-questions@freebsd.org>;
	Tue,  9 May 2006 07:51:33 +0000 (GMT)
	(envelope-from bsd@bathnetworks.com)
Received: (qmail 27763 invoked by uid 510); 9 May 2006 08:59:17 +0100
Received: from 192.168.0.104 by lmail.bathnetworks.co.uk (envelope-from
	<bsd@bathnetworks.com>, uid 508) with qmail-scanner-1.24-st-qms 
	(clamdscan: 0.88/1261. spamassassin: 3.0.2. perlscan: 1.24-st-qms.  
	Clear:RC:0(192.168.0.104):SA:0(-4.5/5.0):. 
	Processed in 20.763539 secs); 09 May 2006 07:59:17 -0000
X-Spam-Status: No, hits=-4.5 required=5.0
X-Antivirus-MYDOMAIN-Mail-From: bsd@bathnetworks.com via
	lmail.bathnetworks.co.uk
X-Antivirus-MYDOMAIN: 1.24-st-qms (Clear:RC:0(192.168.0.104):SA:0(-4.5/5.0):.
	Processed in 20.763539 secs Process 27756)
Received: from unknown (HELO ubuntu.bathnetworks.local.bathnetworks.local)
	(bsd@bathnetworks.com@192.168.0.104)
	by lmail.bathnetworks.co.uk with SMTP; 9 May 2006 08:58:56 +0100
From: robert <bsd@bathnetworks.com>
To: "Z.C.B." <vvelox@vvelox.net>
In-Reply-To: <20060508184412.4ccbf90c@vixen42.vulpes>
References: <7daacbbe0601181356q131bc2d7kd044d924e13079f2@mail.gmail.com>
	<20060507174256.09c33510@vixen42.vulpes>
	<df9ac37c0605080827i77a836afje0635ef748419e8d@mail.gmail.com>
	<20060508182308.6e8d9aac@vixen42.vulpes>
	<df9ac37c0605081631q283c691ah8c9f7af94e683ca3@mail.gmail.com>
	<20060508184412.4ccbf90c@vixen42.vulpes>
Content-Type: text/plain
Date: Tue, 09 May 2006 08:50:45 +0100
Message-Id: <1147161045.9552.12.camel@localhost.localdomain>
Mime-Version: 1.0
X-Mailer: Evolution 2.4.1 
Content-Transfer-Encoding: 7bit
Cc: Atom Powers <atom.powers@gmail.com>, freebsd-questions@freebsd.org,
	Dominique Goncalves <dominique.goncalves@gmail.com>
Subject: Re: nsswitch.conf with ldap
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 May 2006 07:51:35 -0000

On Mon, 2006-05-08 at 18:44 -0500, Z.C.B. wrote:
> On Mon, 8 May 2006 16:31:04 -0700
> "Atom Powers" <atom.powers@gmail.com> wrote:
> 
> > On 5/8/06, Z.C.B. <vvelox@vvelox.net> wrote:
> > > On Mon, 8 May 2006 08:27:33 -0700
> > > "Atom Powers" <atom.powers@gmail.com> wrote:
> > >
> > > > On 5/7/06, Z.C.B. <vvelox@vvelox.net> wrote:
> > > > > On Wed, 18 Jan 2006 22:56:09 +0100
> > > > > Dominique Goncalves <dominique.goncalves@gmail.com> wrote:
> > > > >
> > > > > >
> > > > > > Why FreeBSD tries to use ldap database if my user system is
> > > > > > on files ? Thanks for the help.
> > > > >
> > > > > Did you ever find a fix for this? I am running into the same
> > > > > thing myself.
> > > >
> > > > Check your pam.d configuration, particularly /etc/pam.d/login
> > >
> > > Probally a silly question, but how would that help with this
> > > problem?
> > >
> > 
> > pam controls how each application, including "login" attempts to
> > authenticate. nss controls how user, host information is looked up.
> > 
> > I don't know if it will help your problem, I'm struggling through my
> > own pam/nss/ldap issues, but it is a part of the picture.
> 
> I am curious. Do you run into problems with SSH and xterm, but
> everything else works? That is what I am currently hitting.
> 
> initgroups(kitsune,1001): Invalid argument
> 
> Is what it is kicking into /var/log/messages. That is right after I
> authenticate.

Not sure if this has a bearing on the problem. From the samba by example
web pages whenrefering to ldap:

Some Linux systems (Novell SUSE Linux in particular) add entries to the
nsswitch.conf file that may cause operational problems with the
configuration methods adopted in this book. It is advisable to comment
out the entries passwd_compat and group_compat where they are found in
this file.

I too have this problem. Logins worked ok with earlier versions. I had a
setup which worked fine (can't get at the machine at present) that had
no nis line present on the initial install, but when I tried setting up
another machine the nis line has appeared. From my notes nsswitch.conf
looked like this with an earlier version of freebsd and worked ok:

passwd: files ldap
shadow: files ldap
group:  files ldap
hosts:  files dns
networks: files
shells: files

Now without the compat: nis line logins fail.

Rob