pam_ldap and nss_ldap : checken and egg problem with "wheel"
group and "su" utility
Dag-Erling Smørgrav
des at des.no
Sat Sep 24 12:03:33 UTC 2011
Lev Serebryakov <lev at FreeBSD.org> writes:
> Dag-Erling <des at des.no> writes:
> > Did you try changing the priority in /etc/nsswitch.conf?
> It gives very long boot time, as nss_ldap waits for answer from
> non-started server, again and again, etc.
The only solution I can think of is to try to figure out how to reduce
or eliminate this delay, because the system is doing exactly what you
asked it to, i.e. treating /etc/group as authoritative and using LDAP
only for groups it can't find there.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list