Christopher Hunter wrote: > There seems to be ldap-related bugs in nss_ldap & the nscd daemon in the > release of redhat 4.6. See redhat bugzilla #404751, #434842, #221199, etc. > > The quick fix is to use the previous version of nss_ldap > (nss_ldap-226-18). My guess is that the long default timeout values > cause logins to fail. I disabled the nscd service and reduced the > timelimit values in the ldap.conf settings.
Hi Christopher, my "nss_initgroups_ignoreusers" line in the /etc/ldap.conf file didn't contain the "nscd" user. After I have added it, I haven't seen a single issue (yet :) ). A copy of configuration that is known to work for us is available at [1] in case people are interested. Thanks for your suggestions. [1] http://wiki.farm.particle.cz/index.php?title=LDAP_na_klientech Cheers, -jkt
smime.p7s
Description: S/MIME Cryptographic Signature
