[nssldap] nss ldap under RHEL 5 does first connects configured ldap server and than does dns lookup and tries to connect random ldap servers
- From: Thomas Glanzmann <thomas [at] glanzmann.de>
- To: nssldap [at] padl.com
- Subject: [nssldap] nss ldap under RHEL 5 does first connects configured ldap server and than does dns lookup and tries to connect random ldap servers
- Date: Thu, 12 Nov 2009 12:37:20 +0100
Hello,
I have RHEL 5.3 nss_ldap connected to Active Directory. The
configuration (/etc/ldap.conf) is the following:
host 157.163.212.208
bind_policy soft
base DC=ww004,DC=glanzmann,DC=net
ldap_version 3
binddn CN=ADLDAPF,OU=ErlF,OU=User,OU=_CentralServices,DC=ww004,DC=glanzmann,DC=net
bindpw geheim
nss_base_passwd DC=ww004,DC=glanzmann,DC=net?sub?uid=*
nss_base_shadow DC=ww004,DC=glanzmann,DC=net?sub?uid=*
nss_base_group DC=ww004,DC=glanzmann,DC=net?sub?gidNumber=*
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_objectclass posixGroup group
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute gecos displayname
nss_map_attribute group:cn displayName
nss_map_attribute uniqueMember member
schema rfc2307bis
When I do a "getent passwd" it shows the local users, the directory
users, and then hangs. By sniffing the connection, I see that it connects
to 157.163.212.208, does a search, gets the answer and even lists the
users. But then it does a DNS lookup for
DomainDnsZones.ww004.glanzmann.net
and tries to connect to these servers, which results in a hang because there is a
firewall in place which makes it impossible to connect to the machines. Is there a
way to get rid of this annoying behaviour using a configuration option or do I
have to rebuild nss ldap?
Thomas