On Tue, 22 Sep 2009, O. Hartmann wrote:
> I run into trouble with FreeBSD and LDAP on a regular basis!
>
> Sometimes it is necessary to log in to a bunch of servers with no
> LDAP service responding, due to service, crash, electrical
> disconnection, whatever. The problem is: I can't.
> Using all prerequisites from ports (pam_ldap/nss_ldap/ldap as most
> recent) my /etc/nsswitch.conf looks like this as it has been the most
> reasonable (and only working!) solution for the past 2 years:
>
> passwd: ldap [unavail=continue notfound=continue] files
> [success=return notfound=return]

I just have

passwd: cache files ldap
group: cache files ldap

and I can log in as root locally without any delay.

That said my LDAP server is on the same machine so perhaps it fails faster. I am using "uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/" to connect to it.

--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
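
An added example (not written by either poster): a small Python model of the source-ordering rules in nsswitch.conf(5), run over the two `passwd:` lines from this thread with LDAP marked unavailable. It assumes the documented default actions (success=return, all other statuses continue); the function names and the LDAP-down scenario are constructed for illustration, and connection timeouts inside nss_ldap are not modelled.

```python
import re

# Default actions per nsswitch.conf(5): stop on success, otherwise try the next source.
DEFAULTS = {"success": "return", "notfound": "continue",
            "unavail": "continue", "tryagain": "continue"}

def parse_sources(line):
    """Parse 'passwd: ldap [unavail=continue] files' into [(source, actions), ...]."""
    _, _, rhs = line.partition(":")
    sources = []
    for name, crit in re.findall(r"(\w+)|\[([^\]]*)\]", rhs):
        if name:
            sources.append((name, dict(DEFAULTS)))
        elif sources:
            # A [status=action ...] block modifies the source just before it.
            for pair in crit.split():
                status, _, action = pair.lower().partition("=")
                sources[-1][1][status] = action
    return sources

def lookup(line, status_of):
    """Walk the sources in order; return (final status, sources consulted)."""
    consulted, status = [], "notfound"
    for name, actions in parse_sources(line):
        consulted.append(name)
        status = status_of.get(name, "notfound")
        if actions[status] == "return":
            break
    return status, consulted

# Constructed scenario: root exists only in the local files, the LDAP server
# is down and the cache holds no entry for root.
LDAP_DOWN = {"ldap": "unavail", "files": "success", "cache": "notfound"}

QUOTED = ("passwd: ldap [unavail=continue notfound=continue] files "
          "[success=return notfound=return]")
REPLY = "passwd: cache files ldap"

if __name__ == "__main__":
    for line in (QUOTED, REPLY):
        status, consulted = lookup(line, LDAP_DOWN)
        print(f"{line}\n  -> {status}, consulted: {', '.join(consulted)}")
```

With the quoted line every lookup has to get an answer from the LDAP module before the local files are read; with `cache files ldap` a local account such as root is resolved before LDAP is ever consulted.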