Re: question about the libpam-ldap debian package.

To: debian-devel@lists.debian.org
Subject: Re: question about the libpam-ldap debian package.
From: Petter Reinholdtsen <pere@hungry.com>
Date: Wed, 07 May 2008 08:07:50 +0200
Message-id: <[🔎] 2fl63tq6409.fsf@klodrik.uio.no>
References: <48203C23.2040602__20330.8103293695$1210076924$gmane$org@cea.fr>

[Anthony Berger]
> i try to configure the auth of my all users by a openldap server.
> So i configure libpam-ldap libnss-ldap (with db in nsswitch.conf)
> and nss_udatedb (with a cron to update de db users) configure the
> libpam_ccreds to be able to auth the user even if the network is
> down (more specially Laptop)

Very interesting configuration.  Is this similar to the configuration
on <URL:http://www.flyn.org/laptopldap/laptopldap.html> for mobile
laptops?

> If the interface is not configure, after a first auth on the ldap,
> the user authenticated If a interface is NOT configure (Only
> loopback) , it take a long, long time, and the user is not auth on
> the ccreds file.
>
> WATH's the problem

Could it be a DNS timeout problem?  Is the LDAP server listed in
/etc/hosts?  If the timeout is 3 minutes, it might be the nss-ldap
connect call that take forever.

Did you consider the nss-ldapd module?  It have a local LDAP proxy
(nslcd) doing the connections to the LDAP server, so it would have it
easier to keep track of the connection status.

How did yuo configure NSS?

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Re: question about the libpam-ldap debian package.
  - From: Anthony <anthony.berger@cea.fr>

Prev by Date: How to build XEN dom0 and domU kernels based on 2.6.25?
Next by Date: Re: Bug#479220: perl upgrade fails
Previous by thread: question about the libpam-ldap debian package.
Next by thread: Re: question about the libpam-ldap debian package.
Index(es):
- Date
- Thread