[Arthur de Jong]
> I believe that cfg_getdomainname() does more or less the same thing
> as hostname -d does (at least I don't think I came up with the
> solution myself). Do you know of a way to reliably access that
> information (apart from parsing the file yourself)?

Nope.  My point is that nslcd should not need to look at the host's
domain name.  It should be enough to search for the first _ldap._tcp
entry in any domain searched by the current DNS setup.

Ran into a problem with autoconfiguration here at the University of
Oslo.  The rootDSE returned looks like this:

  dn:
  objectClass: top
  objectClass: OpenLDAProotDSE
  objectClass: labeledURIObject
  structuralObjectClass: OpenLDAProotDSE
  configContext: cn=config
  namingContexts: cn=mail,dc=uio,dc=no
  namingContexts: cn=system,dc=uio,dc=no
  namingContexts: cn=services,dc=uio,dc=no
  namingContexts: dc=uio,dc=no
  monitorContext: cn=Monitor
  supportedControl: 1.3.6.1.4.1.4203.1.9.1.1
  supportedControl: 2.16.840.1.113730.3.4.18
  supportedControl: 2.16.840.1.113730.3.4.2
  supportedControl: 1.3.6.1.4.1.4203.1.10.1
  supportedControl: 1.2.840.113556.1.4.319
  supportedControl: 1.2.826.0.1.334810.2.3
  supportedControl: 1.2.826.0.1.3344810.2.3
  supportedControl: 1.3.6.1.1.13.2
  supportedControl: 1.3.6.1.1.13.1
  supportedControl: 1.3.6.1.1.12
  supportedExtension: 1.3.6.1.4.1.1466.20037
  supportedExtension: 1.3.6.1.4.1.4203.1.11.1
  supportedExtension: 1.3.6.1.4.1.4203.1.11.3
  supportedFeatures: 1.3.6.1.1.14
  supportedFeatures: 1.3.6.1.4.1.4203.1.5.1
  supportedFeatures: 1.3.6.1.4.1.4203.1.5.2
  supportedFeatures: 1.3.6.1.4.1.4203.1.5.3
  supportedFeatures: 1.3.6.1.4.1.4203.1.5.4
  supportedFeatures: 1.3.6.1.4.1.4203.1.5.5
  supportedLDAPVersion: 3
  supportedSASLMechanisms: DIGEST-MD5
  supportedSASLMechanisms: CRAM-MD5
  supportedSASLMechanisms: OTP
  labeledURI: http://www.usit.uio.no/it/ldap/ Test-tjener for LDAP ved Universit
   etet i Oslo
  entryDN:
  subschemaSubentry: cn=Subschema

The correct base DN to use is "cn=system,dc=uio,dc=no", and it is as
you can see the second of the lot.  I was unable to convince the LDAP
administrators to add defaultNamingContexts, due to fears that this
might confuse Windows machines, and thus need to manually set the base
anyway. :(

In Debian Edu on the other hand, we have started using the automatic
configuration for nss-ldapd, but not for pam-ldap yet.

Happy hacking,
-- 
Petter Reinholdtsen
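
The base DN problem described in the message above, as an added example that is not part of the original e-mail and is not nslcd code: it parses a rootDSE in LDIF form and only auto-selects a search base when the choice is unambiguous. The function names and the selection policy are assumptions; the sample is a shortened copy of the rootDSE quoted in the message.

```python
# Added illustration. parse_ldif_entry() and select_base() are hypothetical
# helpers, not functions from nss-ldapd/nslcd.

# Shortened copy of the rootDSE from the message (indentation removed).
ROOTDSE = """\
dn:
objectClass: top
namingContexts: cn=mail,dc=uio,dc=no
namingContexts: cn=system,dc=uio,dc=no
namingContexts: cn=services,dc=uio,dc=no
namingContexts: dc=uio,dc=no
labeledURI: http://www.usit.uio.no/it/ldap/ Test-tjener for LDAP ved Universit
 etet i Oslo
subschemaSubentry: cn=Subschema
"""

def parse_ldif_entry(text):
    """Return {lowercased attribute: [values]} for one plain-text LDIF entry."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]      # folded line: drop the one leading space
        elif raw.strip():
            lines.append(raw)
    entry = {}
    for line in lines:                # base64 ("attr:: ...") values not handled
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def select_base(entry, configured=None):
    """Pick a search base, refusing to guess between several naming contexts."""
    if configured:                    # an explicit setting always wins
        return configured, "configured"
    # The message spells the attribute with a trailing "s"; accept both forms.
    for name in ("defaultnamingcontext", "defaultnamingcontexts"):
        if len(entry.get(name, [])) == 1:
            return entry[name][0], "server default"
    contexts = entry.get("namingcontexts", [])
    if len(contexts) == 1:
        return contexts[0], "only naming context"
    # Taking contexts[0] here would bind lookups to cn=mail, the wrong subtree.
    raise ValueError("ambiguous base, candidates: " + "; ".join(contexts))

if __name__ == "__main__":
    try:
        print(select_base(parse_ldif_entry(ROOTDSE)))
    except ValueError as err:
        print("manual base required:", err)
```
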


