I am trying to get an LDAP working for an environment that I have.
Currently, the LDAP is working an I can authenticate the LDAP and
everything is working fine. The one complaint I have is that one user or
group lookup where the local account information is sufficient, there is
still an query going again LDAP. Does anyone know if it is possible to
configure things so that if there is a result found in /etc/passwd and
/etc/group to then not do a query against the LDAP? I am wanting to
deploy this in an environment that is doing a ton of file operations as
a particular user that is already on the local machines and I don't want
queries hitting the LDAP all of the time and killing it. I know nscd
will cache the info but I am wanting to not hit the LDAP for that user
at all. Here is what I have in my nsswitch.conf.
---------------------------
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis ldap
---------------------------
I am running on Debian Etch with OpenLDAP 2.3. Any info would be
appreciated. Thanks.
Mike
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
