[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: PAM_LDAP



Quoting Matthew Geddes <mgeddes@xavier.sa.edu.au>:

> /etc/nsswitch.conf has LDAP first and files next (so I can still log
> in ;-)).  When  I check my logs, there  are messages like: PAM_LDAP:
> ldap_search_s: No Such Object

Just a note of what I have  just been bitten by. Have it the other way
around  (files  first  and  then  ldap),  without  ordinary  users  in
/etc/{passwd|group}, and  a proper password for root.  What have just
(yesterday)  bit  me,  was  that  I  was playing  with  a  CGI  script
(web2ldap), and Roxen  (the web server) OR the  CGI script is blocking
the LDAP server. Hence, i can't  do anything, because it will not fall
back  to files  for some  reason (so  that i  can su  and restart/stop
slapd/Roxen or to reboot the system).

Having a 'empty' passwd file (with only the system accounts), with a
root account to use, would let me to still use the system (al beight
not as a ordinary user)...

I don't  know if this  is in  the FAQ/QSG, but  if it isn't,  maybe it
should be entered?
-- 
supercomputer Semtex arrangements nuclear Clinton ammunition SDI
Kennedy security BATF assassination FSF cryptographic Peking Albanian