Ldap x local users
Paul B. Henson
henson at acm.org
Tue Oct 16 20:58:09 UTC 2007
On Tue, 16 Oct 2007, Tiago Cruz wrote:
> On Tue, 2007-10-16 at 12:54 -0700, Paul B. Henson wrote:
>
> > Sounds like you have ldap listed before files...
>
> Nope ;)
>
> passwd: files ldap
> shadow: files ldap
> group: files ldap
>
> Any other suggestion?
In that case, the only naming service call that would touch ldap for a
local user would be initgroups. Check the nss_ldap documentation for the
nss_initgroups_ignoreusers config option. I'm not sure if that's in the
version of nss_ldap in the red hat release you're using, but you can
provide a list of users not to look up in ldap for group membership.
--
Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst | henson at csupomona.edu
California State Polytechnic University | Pomona CA 91768
More information about the redhat-sysadmin-list
mailing list