> But if --enableldap is changed to --disableldap, then the local users > can log on and run sudo commands fine. This of course is all while > the LDAP server is down. I may have narrowed down the problem a bit. Inside /etc/nsswitch.conf there is a line that looks like this: group: files ldap It's as if the local system is searching for some group data on the ldap server, but is never able to reach it so it just sits there and hangs. If I remove the 'ldap' part from the end, logins work fine with no issues even when the ldap server is down. So my questions are: 1. Why is this group line gumming up the entire authentication process? 2. Do I need "ldap" on the group line? If I take it out how will it affect my running systems? -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
