https://bugzilla.novell.com/show_bug.cgi?id=409999
User rhafer@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=409999#c7
Ralf Haferkamp
Hello Ralf,
your absolute on the right way. I didn't know that /etc/ldap.conf is a config file for nss_ldap. I always made /etc/openldap/ldap.conf and /etc/ldap.conf equal. In the initial description you mentioned that you used YaST to setup the LDAP client configuration. There is no need to touch /etc/ldap.conf after that. Additionally /etc/ldap.conf and /etc/openldap/ldap.conf are two differnt files for two different purposes which support very different sets of options. You cannot just copy one of them to the other.
This seems to bring all this problems in opensuse 11. When using the file you attached above as /etc/ldap.conf, nss_ldap will block until a connection to the LDAP server can be estabilished (this is what you see during bootup). It is the documented default when no "bind_policy" option is set in /etc/ldap.conf. The problem with this is, that during booting, when dbus is started no network interface is available so no connections can be created. It is a bit unfortunate that nss_ldap uses this default but it can be configured correctly very easily. YaST will set the "bind_policy" option to "soft" which avoids the above problem. (Additionally the default /etc/ldap.conf file, that ships with the system contains this options as well).
But nevertheless in previous versions of opensuse (until now) this was never a problem. The above connection behavior of nss_ldap is already present sinces a few years I think.
Seems that openldap made it correct by default without a valid /etc/ldap.conf.
And shouldn't it be changed to stuck in infinite loops during boot, when ldap is misconfigured. The default configuration that the configuration created with YaST doesn't show this behavior. Please try to setup your system again with YaST (leaving /etc/ldap.conf) unchanged after that. If it still fails afterwards please reopen this bugreport. I'll close it as invalid for now.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.