Re: LDAP weirdness
Hi Roberto,
if everything worked before and suddenly stopped, I bet you had nscd
installed. nscd has a bad habit: Sometimes it stops or it's chache goes
nots. You need nscd if the libnss-ldap.conf or libnss-ldap.secret is
only readable by root (Which is right if you use rootbinddn - avoid that
make a proxy user!).
rgds,
j.
Roberto C. Sánchez schrieb:
> So, today, LDAP started acting quite funny.
>
> These are the symptoms:
>
> - users unable to login via GDM
> - login via console results in the "I have no name!@host" prompt
> - previous item applies to 'su - user' as well
> - sudo stopped working
> - 'getent passwd' and 'getent shadow' report expected results and see
> all user accounts
>
> I tried the following (all to no avial):
>
> - restarting ncsd on the clients and the server
> - restarting the LDAP server
> - rebooting a workstation
>
> I did a bit of Google searching and found this thread:
> http://www.openldap.org/lists/openldap-software/200302/msg00317.html
>
> So, I followed the advice there (made /etc/libnss-ldap.conf have mode
> 644) and now everything works again.
>
> My question is: Why? I looked back at my backups (they go as far back
> as 30 days for onine backups) and every single /etc/libnss-ldap.conf had
> mode 600. Everything worked fine as recently as yesterday. So, why did
> everything start acting up today?
>
> I'd be interested to know if anyone else has come across this.
>
> Regards,
>
> -Roberto
>
> --=20
Reply to: