On Tue, 2009-09-29 at 11:20 -0500, Dan Burkland wrote:
> I experienced the same problem and found a solution. In your /etc/ldap.conf file (which I had the ldap.conf in /etc/openldap symlinked to), add the following line to the bottom of the file:
>
> nss_initgroups_ignoreusers root,haldaemon,dbus,ldap,sshd (any other group that is locally stored and used by applications go here)
>
----
having these lines in /etc/ldap.conf has helped me a lot...

timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus

As for symlinking /etc/ldap.conf to /etc/openldap/ldap.conf... that's a bad idea because they serve different purposes. OpenLDAP developers have often lamented that padl chose to name their settings file with the same name and it just creates confusion.

/etc/ldap.conf is for nss/padl
/etc/openldap/ldap.conf is for users who execute openldap client programs such as ldapsearch/ldapmodify/etc.

The file contents are necessarily different.

Craig
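A check for the two points made in the message above, as an added example that is not part of the original thread: it compares an nss_ldap /etc/ldap.conf against the settings quoted there and reports whether that file and /etc/openldap/ldap.conf resolve to the same file. The function names, the sample file contents and the case-insensitive handling of keys are assumptions made for the example.

```python
import os

# Values suggested in the message above for nss_ldap's /etc/ldap.conf.
SUGGESTED = {"timelimit": "30", "bind_timelimit": "30", "bind_policy": "soft"}
# Local accounts listed in the message for nss_initgroups_ignoreusers.
LOCAL_ACCOUNTS = {"root", "ldap", "named", "avahi", "haldaemon", "dbus"}

# Constructed sample: bind_policy differs and the ignore list is short.
SAMPLE = """\
# nss_ldap settings (constructed sample, not a real host's file)
timelimit 30
bind_timelimit 30
bind_policy hard
nss_initgroups_ignoreusers root,ldap
"""

def parse_conf(text):
    """Parse 'key value' lines, skipping blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        # Keys are lower-cased (assumption: keys are matched case-insensitively).
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def audit_settings(text, accounts=LOCAL_ACCOUNTS):
    """Return findings where the file differs from the thread's suggestions."""
    conf, findings = parse_conf(text), []
    for key, want in SUGGESTED.items():
        if conf.get(key) != want:
            findings.append(f"{key}: found {conf.get(key)!r}, suggested {want!r}")
    ignored = {u.strip() for u in conf.get("nss_initgroups_ignoreusers", "").split(",")}
    missing = sorted(accounts - ignored)
    if missing:
        findings.append("nss_initgroups_ignoreusers lacks: " + ",".join(missing))
    return findings

def shares_file(nss_path="/etc/ldap.conf", openldap_path="/etc/openldap/ldap.conf"):
    """True if both paths resolve to one file (symlink or hard link)."""
    if not (os.path.exists(nss_path) and os.path.exists(openldap_path)):
        return False
    return os.path.samefile(nss_path, openldap_path)

if __name__ == "__main__":
    for finding in audit_settings(SAMPLE):
        print("WARN", finding)
    if shares_file():
        print("WARN /etc/ldap.conf and /etc/openldap/ldap.conf are the same file")
```
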