LDAP server gone -> impossible to login locally!
Daniel O'Connor
doconnor at gsoft.com.au
Tue Sep 22 13:18:24 UTC 2009
On Tue, 22 Sep 2009, O. Hartmann wrote:
> I run into trouble with FreeBSD and LDAP on a regular basis!
>
> Sometimes it is necessary to log in onto a bunch of servers with no
> LDAP service responding, due to service, crash, eletrically
> disconnetion, whatever. The problem is: I can't.
> Using all prerequisits from ports (pam_ldap/nss_ldap/ldap as most
> recent) my /etc/nsswitch.conf looks like this as it has been the most
> reasonable (and only working!) solution for the past 2 years:
>
> passwd: ldap [unavail=continue notfound=continue] files
> [success=return notfound=return]
I just have
passwd: cache files ldap
group: cache files ldap
and I can login as root locally without any delay.
That said my LDAP server is on the same machine so perhaps it fails
faster. I am using "uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/" to
connect to.
--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20090922/fe752711/attachment.pgp
More information about the freebsd-current
mailing list