nsswitch.conf with ldap
Z.C.B.
vvelox at vvelox.net
Tue May 9 03:28:10 UTC 2006
On Mon, 8 May 2006 21:16:20 -0500
Dan Nelson <dnelson at allantgroup.com> wrote:
> In the last episode (May 08), Atom Powers said:
> > On 5/8/06, Z.C.B. <vvelox at vvelox.net> wrote:
> > >> I don't know if it will help your problem, I'm struggling
> > >> through my own pam/nss/ldap issues, but it is a part of the
> > >> picture.
> > >
> > >I am curious. Do you run into problems with SSH and xterm, but
> > >everything else works? That is what I am currently hitting.
> > >
> > >initgroups(kitsune,1001): Invalid argument
>
> man initgroups:
>
> ERRORS
> The initgroups() function may fail and set errno for any of
> the errors specified for the library function setgroups(2).
>
> man setgroups:
>
> [EINVAL] The number specified in the ngroups argument is larger
> than the NGROUPS limit.
>
> Either get out of some groups, or raise NGROUPS (this may affect NFS
> though).
Nope. I built my LDAP user and group entries from my NIS group
entries. If I put it back to "files nis" from "files ldap" it works.
> > > Is what it is kicking into /var/log/messages. That is right
> > > after I authenticate.
> >
> > No, my problem is with local login when the LDAP server is
> > unavailable. It hangs for about two minutes before logging in. I
> > think I've tracked this down to an nss timeout somewhere.
>
> Newer version of nss_ldap have timeout veriables to adjust this, but
> your best solution would be to set up another ldap server and put
> them both in your ldap.conf so you'll never be without one.
It still waits.
More information about the freebsd-questions
mailing list