Re: [nssldap] disconnected nss_ldap
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: [nssldap] disconnected nss_ldap
- From: Ryan Lynch <ryan.b.lynch [at] gmail.com>
- To: "Brian J. Murrell" <brian [at] interlinx.bc.ca>
- Cc: nssldap [at] padl.com
- Subject: Re: [nssldap] disconnected nss_ldap
- Date: Sat, 24 Oct 2009 00:09:17 -0400
On Fri, Oct 23, 2009 at 22:49, Brian J. Murrell <brian@interlinx.bc.ca> wrote:
> At the risk of asking a FAQ (but in my defence, I have been googling
> this off and on for the last 2-3 weeks) how does one properly handle
> computers (i.e. laptops) that should get their NSS information from LDAP
> while connected to the corporate network and yet still function while
> away from the corporate network?
...
>
> Surely others have run into this same problem. How did you solve it?
>
> BTW: I am aware of nss_updatedb, but that seems a little clunky and
> heavy handed with it's "cache everything" and rigid (i.e. time of day
> driven) update schedule. For such reasons I have read frequently that
> it really just doesn't scale. An nss_updatedb that is updated as a
> result of usual lookups seems much more manageable. That way only
> information the user is likely to use is cached and it's done with the
> frequency of and as a by-product of existing lookups.
Do you know about NSCD (the Name Service Caching Daemon)? It's built
to handle this kind of thing, and a lot of distros (Fedora/RH/CentOS,
at least) include it by default with the Glibc package. But it usually
isn't running by default.
-Ryan
- [nssldap] Re: disconnected nss_ldap, (continued)
- Re: [nssldap] disconnected nss_ldap,
Ryan Lynch