I want authentication against local openldap server. After several unsuccessful attempts configure sssd I uninstall sssd-* stuff and configure things with pam_ldap/nss_ldap (fortunately when not installed sssd, then system-config-authentication seems configure /etc/pam.d/* files correctly). But my system behaves weirdly: When I have in /etc/nsswitch.conf only "files" service lookup, all is OK. But when I specify passwd, shadow and group database as below: #--- my "/etc/nsswitch.conf": passwd: files ldap shadow: files ldap group: files ldap hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc: files services: files netgroup: files publickey: nisplus automount: files aliases: files then NSS (or PAM?) LDAP modules are accessed, which appears as local accounts are ignored. For that behavior either will not start services which run as non-root users (named, httpd,.. and unluckily openldap server too :( ) - they stops at "runuser ..." commands in their start scripts. Can someone help with? Due to which things system may behave in this manner? When I slightly modify nsswitch.conf as: passwd: files [SUCCESS=return] ldap shadow: files [SUCCESS=return] ldap group: files [SUCCESS=return] ldap then nothing changes. Grrr... Thanks, Franta Hanzlik -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines