
Re: Linux, LDAP, and nsswitch.conf's "hosts"



On Thu, 12 Nov 2009 10:00:46 -0500, Michael Peek wrote:
> Hi again gurus,
>
> I'm in the process of converting our organization from NIS to LDAP.  I  
> have an LDAP server set up and working, i.e.
>
> 1) ldapsearch -x returns stuff
> 2) id <username> returns the correct information
>
> And maybe I misunderstand, but it's my understanding that I can use LDAP  
> to also set up a list of known hosts -- i.e. a replacement for the NIS  
> hosts.byname map.  So I:
>
> 1) Set up a ou=hosts,dc=nimbios,dc=org entry in the database
> 2) In /etc/ldap/ldap.conf, I set: nss_base_hosts ou=hosts,dc=nimbios,dc=org
> 3) In /etc/nsswitch.conf I set: hosts: files ldap dns
>
> But when I do so the networking freezes on the client until I remove the  
> "ldap" from the "hosts" entry in /etc/nsswitch.conf.
>
> Do I misunderstand how this is supposed to work?  I would have thought  
> that if the hosts lookup in LDAP failed then it would fall through to 
> DNS.
>
> Thanks for your help,
>
> Michael
>

Hi Michael,

In the nsswitch.conf manual, it is written that the default action on "unavail"
and "tryagain" is to "continue". So, in your case, it should be looking for hosts
in DNS...
Maybe you could try:
  hosts: files ldap [!SUCCESS=continue] dns

It should be the default behaviour of the system but in doubt...

Good week-end.

Regards.

-- 
Laurent Guignard, Registered as user #301590 with the Linux Counter
Site : http://www.famille-guignard.org
Blog : http://blog.famille-guignard.org
Projet : http://sicontact.sourceforge.net
GULL de Villefranche sur Saône : http://www.cagull.org
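
The action semantics discussed in this reply, as an added example that is not part of the original post: a small Python model of how an nsswitch.conf `hosts:` line becomes a per-service status/action table, showing that `[!SUCCESS=continue]` produces the same table as the defaults. The function names and the scenario are constructed for illustration, and the `merge` action is not modelled.

```python
import re

STATUSES = ("SUCCESS", "NOTFOUND", "UNAVAIL", "TRYAGAIN")
# Defaults documented in nsswitch.conf(5): stop on success, otherwise move on.
DEFAULTS = {"SUCCESS": "return", "NOTFOUND": "continue",
            "UNAVAIL": "continue", "TRYAGAIN": "continue"}

def parse_line(line):
    """Parse one nsswitch.conf line into (database, [(service, {status: action})])."""
    database, _, rest = line.split("#", 1)[0].partition(":")
    services = []
    for token in re.findall(r"\[[^\]]*\]|[^\s\[\]]+", rest):
        if not token.startswith("["):
            services.append((token, dict(DEFAULTS)))
            continue
        if not services:
            raise ValueError("action list with no preceding service")
        actions = services[-1][1]
        for item in token[1:-1].split():
            m = re.fullmatch(r"(!?)(\w+)=(\w+)", item)
            if not m:
                raise ValueError(f"bad action item: {item!r}")
            negated, status, action = m[1], m[2].upper(), m[3].lower()
            # Only return/continue are modelled here.
            if status not in STATUSES or action not in ("return", "continue"):
                raise ValueError(f"unsupported action item: {item!r}")
            # "!STATUS=action" applies the action to every status except STATUS.
            for s in STATUSES:
                if (s != status) if negated else (s == status):
                    actions[s] = action
    return database.strip(), services

def resolve(services, results):
    """Simulate a lookup; results maps service name -> status it returned."""
    status, tried = "UNAVAIL", []
    for name, actions in services:
        status = results[name]
        tried.append(name)
        if actions[status] == "return":
            break
    return status, tried

# Constructed scenario: hosts file has no entry, LDAP is unreachable, DNS answers.
SCENARIO = {"files": "NOTFOUND", "ldap": "UNAVAIL", "dns": "SUCCESS"}

if __name__ == "__main__":
    for conf in ("hosts: files ldap dns",
                 "hosts: files ldap [!SUCCESS=continue] dns",
                 "hosts: files ldap [UNAVAIL=return] dns"):
        print(conf, "->", resolve(parse_line(conf)[1], SCENARIO))
```

The action table is consulted only after a service has returned a status, so the model says nothing about a service call that never returns.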


