RSS feed

Configuration Confusion

[Date Prev][Date Next] [Thread Prev][Thread Next]

Configuration Confusion

Hi all,

I'm trying to replace libnss-ldap with libnss-ldapd, but I'm running into a bit of a configuration confusion. My understanding is that /etc/ldap.conf provides configuration for libpam-ldap, /etc/nss-ldapd.conf for libnss-ldapd, and /etc/ldap/ldap.conf is a set of global defaults for the ldap* utilities. If this is correct, it seems that switching from libnss-ldap to libnss-ldapd shouldn't affect options in /etc/ldap.conf, however it seems that my pam_groupdn option is now being ignored in /etc/ldap.conf. Because our LDAP server stores entries for users who should not have shell access to our servers, we had been using that to limit shell logins. Is there something I'm missing?

(Our conversion was inspired by Howard Chu's posts on Ubuntu bug 423252[1].)


Thanks in advance,


David Tomaschik, RHCE
IT Systems Support Professional III
Kennesaw State University
Online Development Group

To unsubscribe send an email to or see