[Freeipa-users] LDAP SRV Record Requests
Mark deJong
dejongm at gmail.com
Thu Mar 19 21:28:45 UTC 2009
Hello,
I'm running CentOS 5.2 and am trying to set it up as a IPA-Client. I'm have
little luck getting nss_ldap to work as expected.
The execution of ipa-client-install works fine and populates /etc/ldap.conf
as follows:
#File modified by ipa-client-install
ldap_version 3
base dc=nix,dc=dom,dc=com
nss_base_passwd cn=users,cn=accounts,dc=nix,dc=dom,dc=com?sub
nss_base_group cn=groups,cn=accounts,dc=nix,dc=dom,dc=com?sub
nss_schema rfc2307bis
nss_map_attribute uniqueMember member
nss_initgroups_ignoreusers root,dirsrv
nss_reconnect_maxsleeptime 8
nss_reconnect_sleeptime 1
bind_timelimit 5
timelimit 15
nss_srv_domain nix.dom.com
But this does not seem to work with the nss_ldap installed.
I'm currently running nss_ldap-253-13.el5_2.1.x86_64.
When I change nss_srv_domain to _ldap._tcp.nix.dom.com, everything works
fine, but I'd rather not go down this road fearing that the next update of
nss_ldap will break this.
leaving nss_srv_domain be and installing nss_ldap-264 from the Fedora 10
distro also fixes the problem, but again, I'd like to avoid this due to any
unforseen issues in the future.
I've tried to back port some of Redhats patches from later versions of
nss_ldap but that doesn't fix the problem.
I'm sensing that, for others, this works fine. Is there something I'm
missing? What's the best course of action I should take at this point?
Thanks,
M
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20090319/4d6c35df/attachment.htm>
More information about the Freeipa-users
mailing list