[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: question about the libpam-ldap debian package.

[Anthony Berger]
> i try to configure the auth of my all users by a openldap server.
> So i configure libpam-ldap libnss-ldap (with db in nsswitch.conf)
> and nss_udatedb (with a cron to update de db users) configure the
> libpam_ccreds to be able to auth the user even if the network is
> down (more specially Laptop)

Very interesting configuration.  Is this similar to the configuration
on <URL:http://www.flyn.org/laptopldap/laptopldap.html> for mobile

> If the interface is not configure, after a first auth on the ldap,
> the user authenticated If a interface is NOT configure (Only
> loopback) , it take a long, long time, and the user is not auth on
> the ccreds file.
> WATH's the problem

Could it be a DNS timeout problem?  Is the LDAP server listed in
/etc/hosts?  If the timeout is 3 minutes, it might be the nss-ldap
connect call that take forever.

Did you consider the nss-ldapd module?  It have a local LDAP proxy
(nslcd) doing the connections to the LDAP server, so it would have it
easier to keep track of the connection status.

How did yuo configure NSS?

Happy hacking,
Petter Reinholdtsen

Reply to: