Re: nsswitch.conf/LDAP

To: debian-user@lists.debian.org
Subject: Re: nsswitch.conf/LDAP
From: Tom H <tomh0665@gmail.com>
Date: Tue, 12 Jan 2010 04:40:23 +0100
Message-id: <[🔎] 6d4219cc1001111940j51b787c4wc0e5a70a359e0d9c@mail.gmail.com>
In-reply-to: <[🔎] 63316a1001110422g1f872843l75f02b945c765361@mail.gmail.com>
References: <[🔎] 63316a1001110422g1f872843l75f02b945c765361@mail.gmail.com>

> I have a problem with my NSS/LDAP setup. When I set

> passwd:    files [SUCCESS=return] ldap
> group:       files [SUCCESS=return] ldap
> shadow:    files

> in /etc/nsswitch.conf and then enter 'id root' in the shell the NSS
> tries to contact the LDAP server *although* root is contained in
> /etc/passwd, /etc/group (and /etc/shadow) and can thus be
> authenticated without inquiring the LDAP server.

> So what I want is, to have users be authenticated via LDAP only when
> they are *not* in the passwd/group files. How do I  archieve this?

How about
getent passwd root
and
getent group root

(by the way, "return" is the default for "success")

Reply to:

Follow-Ups:
- Re: nsswitch.conf/LDAP
  - From: Alex Samad <alex@samad.com.au>

References:
- nsswitch.conf/LDAP
  - From: Michael Mühlbauer <idnkmn@googlemail.com>

Prev by Date: Re: Gnome [Nautilus] debuggers: please reopen bug 358731
Next by Date: Re: New testing install; no /boot/grub/menu.lst exists.
Previous by thread: Re: nsswitch.conf/LDAP
Next by thread: Re: nsswitch.conf/LDAP
Index(es):
- Date
- Thread