Hi, Am Montag, 22. Okt 2007, 13:44:19 +0100 schrieb Benjamin Smee: > On Monday 22 October 2007 13:12:29 Bertram Scharpf wrote: > > > > @(#) $OpenLDAP: slapd 2.3.38 (Oct 18 2007 22:12:26) $ > > [EMAIL > > PROTECTED]:/var/tmp/portage/net-nds/openldap-2.3.38/work/openldap-2.3.38/ > >servers/slapd nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: > > Can't contact LDAP server nss_ldap: failed to bind to LDAP server > > ldap://127.0.0.1/: Can't contact LDAP server nss_ldap: failed to bind to > > LDAP server ldapi://%2fvar%2frun%2fldapi_sock/: Can't contact LDAP server > > ... > > nss_ldap: could not search LDAP server - Server is unavailable > > > > I found out that the Gentoo init script activates the > > options "-u ldap -g ldap". Without them, the error messages > > do not appear. Therefore I suppose the slapd daemon tries to > > obtain passwd/shadow information for ldap via nss_ldap. At > > least when I say "compat" in nsswitch.conf, the error > > message doesn't appear as well. > > instead of -u ldap -g ldap, try putting in the UID and GID. This should stop > the calls to the server.
I forgot to mention that I tried this, too. The same messages appear. Is there a way to determine _what_ nss is asked for? > > I even tried to chown the > > shadow file to ldap but this didn't save me from the weird > > messages either. > > Don't play with the perms on /etc/shadow, you're just openning up security > holes. That was just for a minute. Of course I recovered the previous state immediately. Thanks anyway so far, Bertram -- Bertram Scharpf Stuttgart, Deutschland/Germany http://www.bertram-scharpf.de -- [EMAIL PROTECTED] mailing list