RSS feed

Re: --disable-nslcd, nssov, and local user lookups

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: --disable-nslcd, nssov, and local user lookups

On Fri, 2012-06-29 at 11:59 -0400, Ryan Steele wrote:
> I don't think simply preventing nslcd from running is going to work
> for me.  Every time I would open a session with sudo/su, I got these
> messages to stdout:
> root@myhost:~# su - myuser
> LDAP open session failed

This is probably due to a problem in the communication with the PAM
module and nssov or that nssov doesn't support PAM sessions.

> The sudo/su will work, but obviously that behavior is not desirable
> and is confusing for users.

It is probably best to disable pam_ldap in the session (comment out
pam_ldap in /etc/pam.d/common-session) to not pass these requests to

nslcd doesn't do anything with these requests but I thought there were
some ideas to have nssov do something with them. In any case without
session logging everything should work.

-- arthur - - --
To unsubscribe send an email to or see