Re: NSS-LDAP group preventing proper boot
Marc Franquesa <marc.franquesa@gmail.com> wrote:
> Thanks for the feedback, I might give it a try to sssd (I was already
> planning to take a look).
> I seen many docs recommending to move to nss/pam-ldapd however (also for
> sssd) this requires installing many other packages and run multiple daemons
> while I could achieve the same with simply a dynamic loaded library as
> libnss-ldap.
nss-ldapd and pam-ldapd only require the nslcd daemon and not "multiple
daemons".
Also the design of nss-ldapd and pam-ldapd is vastly superior over the
older nss-ldap and pam-ldap approach, as you don't need to load the
whole libldap-machine into each and every program but just the thin
libnss-ldapd library, which acts as an interface to nslcd, which does
the heavy lifting.
Added bonus: your libldap configuration does not need to be
user-readable, which is critical in case you need to use any special
admin-DN to access the LDAP server.
Grüße,
Sven.
--
Sigmentation fault. Core dumped.
Reply to: