nsswitch.conf with ldap

Z.C.B. vvelox at vvelox.net
Tue May 9 16:36:03 UTC 2006 

On Tue, 09 May 2006 08:50:45 +0100
robert <bsd at bathnetworks.com> wrote:

> On Mon, 2006-05-08 at 18:44 -0500, Z.C.B. wrote:
> > On Mon, 8 May 2006 16:31:04 -0700
> > "Atom Powers" <atom.powers at gmail.com> wrote:
> > 
> > > On 5/8/06, Z.C.B. <vvelox at vvelox.net> wrote:
> > > > On Mon, 8 May 2006 08:27:33 -0700
> > > > "Atom Powers" <atom.powers at gmail.com> wrote:
> > > >
> > > > > On 5/7/06, Z.C.B. <vvelox at vvelox.net> wrote:
> > > > > > On Wed, 18 Jan 2006 22:56:09 +0100
> > > > > > Dominique Goncalves <dominique.goncalves at gmail.com> wrote:
> > > > > >
> > > > > > >
> > > > > > > Why FreeBSD tries to use ldap database if my user
> > > > > > > system is on files ? Thanks for the help.
> > > > > >
> > > > > > Did you ever find a fix for this? I am running into the
> > > > > > same thing myself.
> > > > >
> > > > > Check your pam.d configuration,
> > > > > particularly /etc/pam.d/login
> > > >
> > > > Probally a silly question, but how would that help with this
> > > > problem?
> > > >
> > > 
> > > pam controls how each application, including "login" attempts to
> > > authenticate. nss controls how user, host information is looked
> > > up.
> > > 
> > > I don't know if it will help your problem, I'm struggling
> > > through my own pam/nss/ldap issues, but it is a part of the
> > > picture.
> > 
> > I am curious. Do you run into problems with SSH and xterm, but
> > everything else works? That is what I am currently hitting.
> > 
> > initgroups(kitsune,1001): Invalid argument
> > 
> > Is what it is kicking into /var/log/messages. That is right after
> > I authenticate.
> 
> Not sure if this has a bearing on the problem. From the samba by
> example web pages whenrefering to ldap:
> 
> Some Linux systems (Novell SUSE Linux in particular) add entries to
> the nsswitch.conf file that may cause operational problems with the
> configuration methods adopted in this book. It is advisable to
> comment out the entries passwd_compat and group_compat where they
> are found in this file.
> 
> I too have this problem. Logins worked ok with earlier versions. I
> had a setup which worked fine (can't get at the machine at present)
> that had no nis line present on the initial install, but when I
> tried setting up another machine the nis line has appeared. From my
> notes nsswitch.conf looked like this with an earlier version of
> freebsd and worked ok:
> 
> passwd: files ldap
> shadow: files ldap
> group:  files ldap
> hosts:  files dns
> networks: files
> shells: files

I am not using group_compat and passwd_compat with NIS. 

The following works perfectly fine unless I use xterm or ssh. I've
not messed much with pam and ldap yet. I have it setup for auth, but
that is all.

group: files nis
hosts: files dns
networks: files
passwd: files ldap
shells: files

More information about the freebsd-questions mailing list