Hi Everyone,
I'm experiencing the following problem, for which I've not yet found a
resolution. It's been discussed elsewhere, but unfortunately nothing
actually solves it.
Here's my /etc/ldap.conf file:
#################
ldap_version 3
base ou=people,o=xxx
uri ldaps://server1.domain.be/ ldaps://server2.domain.be/
bind_policy soft
scope sub
timelimit 3
bind_timelimit 5
idle_timelimit 120
referrals no
ssl start_tls
ssl on
tls_checkpeer yes
tls_cacertdir /etc/openldap/cacerts
#################
And the relevant nsswitch:
#################
passwd: files ldap
shadow: files ldap
group: files ldap
#################
So that's pretty straight forward. My LDAP systems are running fine, and
I can authenticate to them.
However, the problem: when the client boots *without network
connectivity*, the server gets stuck/hangs at "Start System Message
Bus". I've tracked this down to the following known bug in Redhat, but
it dates back to early 2010.
https://bugzilla.redhat.com/show_bug.cgi?id=182464#c46
The solution works: if I comment out the "group" from nsswitch to only
load from "files" and not from "ldap", it works and the system boots.
However, since most systems (and that includes ours) uses groups for
management, that's not a viable option.
We're running the very latest 5.6 with all packages (only from the
CentOS repo's) up-to-date.
Has anyone else ever solved this to still be able to keep the group ldap
entry in nsswitch.conf without having a server hang on boot if there's
no network?
Regards,
Mattias
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
