Hi, when setting up LDAP Pam authentication I encountered a problem that seems to be neither Slapd- nor nss_ldap-specific.
When running the init script there comes up an error that clutters up my syslog with a lot of useless error messages: @(#) $OpenLDAP: slapd 2.3.38 (Oct 18 2007 22:12:26) $ [EMAIL PROTECTED]:/var/tmp/portage/net-nds/openldap-2.3.38/work/openldap-2.3.38/servers/slapd nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server nss_ldap: failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server nss_ldap: failed to bind to LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server ... nss_ldap: could not search LDAP server - Server is unavailable WARNING: No dynamic config support for database ldbm. slapd starting I found out that the Gentoo init script activates the options "-u ldap -g ldap". Without them, the error messages do not appear. Therefore I suppose the slapd daemon tries to obtain passwd/shadow information for ldap via nss_ldap. At least when I say "compat" in nsswitch.conf, the error message doesn't appear as well. The thing I really wonder about is that the lines in nsswitch.conf say passwd: files ldap shadow: files ldap group: files ldap The files should be searched first. The "ldap" information is present in all three of them. I even tried to chown the shadow file to ldap but this didn't save me from the weird messages either. I detected I have a machine where this didn't happen. Then I upgraded from glibc-2.5-r4 to glibc-2.6.1 ... I tried to stuff log statements into glibc's nss part but I'm not experienced enough in glibc to do that in finite time. Could this it a real bug in glibc or any of its patches? Does anybody experience the same behaviour? Thanks in advance, Bertram -- Bertram Scharpf Stuttgart, Deutschland/Germany http://www.bertram-scharpf.de -- [EMAIL PROTECTED] mailing list
