root authentication problem with LDAP
Craig White
craig at tobyhouse.com
Thu Sep 13 20:33:57 UTC 2007
On Thu, 2007-09-13 at 18:41 +0300, Paul-Erik Törrönen wrote:
> Nicolas Canepa wrote:
> > Hi,
> > I'm using openLDAP to authenticate users in my network, the problem I
> > have is that when the LDAP server is down or unreachable, I cannot login
> > as root, although is a local user, that's a complication to me when I
>
> Cannot log on at all, or does logon timeout?
>
> One reason could be that the logon process may indirectly try to connect
> to the ldap-server (through some library functions or other) and it then
> waits for timeout during which the logon process itself timeouts.
>
> Try using the following parameters in /etc/ldap.conf:
>
> timelimit 30
> bind_timelimit 30
> bind_policy soft
>
> These were mentioned earlier in the 'OpenLDAP user authentication'
> thread by Craig White.
----
one last one you forgot but probably very important in this case...
nss_initgroups_ignoreusers root,ldap
--
Craig White <craig at tobyhouse.com>
More information about the users
mailing list