On Mon, Oct 22, 2007 at 09:59:32PM +0200, Jos Vos wrote: > Hi, > > Sorry for the confusing subject, but the problem is: > > On an LDAP client, it seems that only root can login when the LDAP > server is not reachable, other local users can't be used (timeout). > I did choose the "local authorization is sufficient option" and > I can login fine as a local user while the LDAP server is reachable. > > So: it it possible to login as (any) local user when the LDAP server > is not reachable (maybe with a short delay)? > > On RHEL4, I added "authinfo_unavail=ignore" in system-auth's pam_ldap > entry, which worked more or less IIRC, but this doesn't seem to have > any effect on RHEL5. > > Both server (OpenLDAP) and client systems are RHEL5.
Try putting into /etc/ldap.conf something like # Search timelimit timelimit 6 # Bind/connect timelimit bind_timelimit 3 # Reconnect policy: hard (default) will retry connecting to # the software with exponential backoff, soft will fail # immediately. bind_policy soft -- Janne Blomqvist _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
