[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: LDAP weirdness

Hi Roberto,

if everything worked before and suddenly stopped, I bet you had nscd
installed. nscd has a bad habit: Sometimes it stops or it's chache goes
nots. You need nscd if the libnss-ldap.conf or libnss-ldap.secret is
only readable by root (Which is right if you use rootbinddn - avoid that
make a proxy user!).


Roberto C. Sánchez schrieb:
> So, today, LDAP started acting quite funny.
> These are the symptoms:
>   - users unable to login via GDM
>   - login via console results in the "I have no name!@host" prompt
>   - previous item applies to 'su - user' as well
>   - sudo stopped working
>   - 'getent passwd' and 'getent shadow' report expected results and see
>     all user accounts
> I tried the following (all to no avial):
>   - restarting ncsd on the clients and the server
>   - restarting the LDAP server
>   - rebooting a workstation
> I did a bit of Google searching and found this thread:
> http://www.openldap.org/lists/openldap-software/200302/msg00317.html
> So, I followed the advice there (made /etc/libnss-ldap.conf have mode
> 644) and now everything works again.
> My question is: Why?  I looked back at my backups (they go as far back
> as 30 days for onine backups) and every single /etc/libnss-ldap.conf had
> mode 600.  Everything worked fine as recently as yesterday.  So, why did
> everything start acting up today?
> I'd be interested to know if anyone else has come across this.
> Regards,
> -Roberto
> --=20

Reply to: