nss_ldap problem
David Magda
dmagda at ee.ryerson.ca
Sat Mar 4 19:29:48 UTC 2006
On Mar 4, 2006, at 04:04, Frode Nordahl wrote:
>> /etc/nsswitch.conf
>> group: ldap files
>> hosts: files dns
>> networks: files
>> passwd: ldap files
>> shells: files
>> imap: ldap
>
> Why do you have "ldap" first? I would use "files ldap" in any case
> so local changes can override the directory.
And if there's an issue with the network, things will slow down to a
crawl when the system is waiting for the LDAP server to respond
(which it won't, so you're waiting for the time out to occur).
Another scenario is when you boot up in single user mode: if you do
an 'ls -l' the UIDs need to be looked up to display the usernames by
default, so the passwd look up is performed, and since the network
hasn't been brought up you're waiting for the timeout.
More information about the freebsd-stable
mailing list