Re: LDAP server gone - impossible to login locally!

2009-09-24 Thread Doug Barton
Olivier Nicole wrote: Last June, we had to shutdown our openldap server every night, I noticed that a simple halt(8) would leave the bdb backend database in a corrupted state. As mentioned in the man page, halt(8) should not be used for regular shutting down of the system. shutdown(8) is

Re: LDAP server gone - impossible to login locally!

2009-09-23 Thread O. Hartmann
Daniel O'Connor wrote: On Wed, 23 Sep 2009, Erik Norgaard wrote: This sounds like the correct solution, AFAIK it's the same concept as for NIS, first check local files, then ldap. You don't want your root credentials possibly be leaked accross the network. On the other hand you don't want or

Re: LDAP server gone - impossible to login locally!

2009-09-23 Thread Olivier Nicole
On a related note, why is slapd so damn fragile? It's a righteous pain in the bum the way you have to run db_recover-X.Y /var/db/openldap-data if slapd fails to start. Yes, this is a lot of pain. I have had issues the same way and never figured out what the reason was. /var/ is very

Re: LDAP server gone - impossible to login locally!

2009-09-23 Thread Daniel O'Connor
On Wed, 23 Sep 2009, O. Hartmann wrote: Daniel O'Connor wrote: On Wed, 23 Sep 2009, Erik Norgaard wrote: This sounds like the correct solution, AFAIK it's the same concept as for NIS, first check local files, then ldap. You don't want your root credentials possibly be leaked accross the

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Daniel O'Connor
On Tue, 22 Sep 2009, O. Hartmann wrote: I run into trouble with FreeBSD and LDAP on a regular basis! Sometimes it is necessary to log in onto a bunch of servers with no LDAP service responding, due to service, crash, eletrically disconnetion, whatever. The problem is: I can't. Using all

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread John Marshall
On Tue, 22 Sep 2009, 11:53 +, O. Hartmann wrote: Hello, I run into trouble with FreeBSD and LDAP on a regular basis! Sometimes it is necessary to log in onto a bunch of servers with no LDAP service responding, due to service, crash, eletrically disconnetion, whatever. The problem

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Dmitriy Kirhlarov
John Marshall wrote: On Tue, 22 Sep 2009, 11:53 +, O. Hartmann wrote: Hello, I run into trouble with FreeBSD and LDAP on a regular basis! Sometimes it is necessary to log in onto a bunch of servers with no LDAP service responding, due to service, crash, eletrically disconnetion,

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Erik Norgaard
Daniel O'Connor wrote: On Tue, 22 Sep 2009, O. Hartmann wrote: I run into trouble with FreeBSD and LDAP on a regular basis! Sometimes it is necessary to log in onto a bunch of servers with no LDAP service responding, due to service, crash, eletrically disconnetion, whatever. The problem is: I

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Daniel O'Connor
On Wed, 23 Sep 2009, Erik Norgaard wrote: This sounds like the correct solution, AFAIK it's the same concept as for NIS, first check local files, then ldap. You don't want your root credentials possibly be leaked accross the network. On the other hand you don't want or need user accounts in

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Tim Judd
On 9/22/09, Daniel O'Connor docon...@gsoft.com.au wrote: On Wed, 23 Sep 2009, Erik Norgaard wrote: This sounds like the correct solution, AFAIK it's the same concept as for NIS, first check local files, then ldap. You don't want your root credentials possibly be leaked accross the network. On

Re: LDAP server gone - impossible to login locally!

2009-09-22 Thread Daniel O'Connor
On Wed, 23 Sep 2009, Tim Judd wrote: On a related note, why is slapd so damn fragile? It's a righteous pain in the bum the way you have to run db_recover-X.Y /var/db/openldap-data if slapd fails to start. I run OpenLDAP on a few boxes. I don't recall the power failures or rude shutdowns