Mailinglist Archive: opensuse (1698 mails)

< Previous Next >
[opensuse] nss_pam_ldap and nslcd
Hi
I have connected to Samba 4 Active Directory LDAP.
I have /etc/nslcd.conf:

uri ldap://127.0.0.1/
base dc=hh3,dc=site
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map shadow uid sAMAccountName
sasl_mech GSSAPI
sasl_realm HH3.SITE
krb5_ccname /tmp/krb5cc_0

It works fine but sometimes, getent passwd fails to show the LDAP users in AD and we can't login. I can fix this by changing the nslcd.conf file:

uri ldap://localhost
to
uri ldap://192.168.1.3/

and restarting nslcd

If it doesn't work on the next boot I change it back again and it works again. Crazy.

errors:
Dec 30 22:36:33 hh3 nslcd[2736]: version 0.7.13 starting
Dec 30 22:36:33 hh3 nslcd[2736]: accepting connections
Dec 30 22:36:33 hh3 nslcd[2728]: Starting local LDAP Name Service Daemon..done
Dec 30 22:36:40 hh3 nslcd[2736]: [8b4567] failed to bind to LDAP server ldap://l
ocalhost: Can't contact LDAP server: Transport endpoint is not connected

successes:
Dec 30 22:52:13 hh3 nslcd[2769]: caught signal SIGTERM (15), shutting down
Dec 30 22:52:13 hh3 nslcd[2769]: version 0.7.13 bailing out
Dec 30 22:52:13 hh3 nslcd[2868]: Shutting down local LDAP Name Service Daemon..done
Dec 30 22:52:13 hh3 nslcd[2884]: version 0.7.13 starting
Dec 30 22:52:13 hh3 nslcd[2884]: accepting connections
Dec 30 22:52:13 hh3 nslcd[2876]: Starting local LDAP Name Service Daemon..done

and then getent passwd works and we can login.

Any ideas anyone?
Thanks
L x

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages