Comments on: How to get PAM LDAP local logins to work when networking is down http://backdrift.org/how-to-get-pam-ldap-local-logins-to-work-when-networking-is-down Fri, 20 Aug 2010 18:28:34 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: mrmccrac http://backdrift.org/how-to-get-pam-ldap-local-logins-to-work-when-networking-is-down/comment-page-1#comment-323 mrmccrac Tue, 11 May 2010 13:20:32 +0000 http://backdrift.org/?p=106#comment-323 I'm actually running a version of unscd which may or may not be related to the problem that I wrapped up in my own RPM that I grabbed here: http://busybox.net/~vda/unscd/ You are not alone in your nscd troubles thats for sure, but this one doesn't randomly crash on me at least and seems to do its job. I'm still working on doing more debugging to see whats causing the timeout exactly. I turned on PAM debugging and the only message I saw was: May 10 20:52:22 hostname login: pam_localuser(login:account): checking "root:x:0:0:root:/root:/bin/bash " My /etc/ldap.conf also has: nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus I'm running RHEL5, and the only want I was able to login to a box where it lost networking (in this case, incorrect default gateway) was to reboot it and choose Interactive startup on boot and disable the networking service entirely. You could also boot into single user mode as well, but I was unable to get a grub prompt. This way, I was able to login as root immediately and don't hit the 60 second timeout. I’m actually running a version of unscd which may or may not be related to the problem that I wrapped up in my own RPM that I grabbed here:

http://busybox.net/~vda/unscd/

You are not alone in your nscd troubles thats for sure, but this one doesn’t randomly crash on me at least and seems to do its job. I’m still working on doing more debugging to see whats causing the timeout exactly. I turned on PAM debugging and the only message I saw was:

May 10 20:52:22 hostname login: pam_localuser(login:account): checking “root:x:0:0:root:/root:/bin/bash ”

My /etc/ldap.conf also has:

nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus

I’m running RHEL5, and the only want I was able to login to a box where it lost networking (in this case, incorrect default gateway) was to reboot it and choose Interactive startup on boot and disable the networking service entirely. You could also boot into single user mode as well, but I was unable to get a grub prompt. This way, I was able to login as root immediately and don’t hit the 60 second timeout.

]]> By: keith http://backdrift.org/how-to-get-pam-ldap-local-logins-to-work-when-networking-is-down/comment-page-1#comment-321 keith Tue, 11 May 2010 01:30:27 +0000 http://backdrift.org/?p=106#comment-321 I try to avoid it, It hasn't done me any favors and caused me more problems by holding on to stale data than it has helped. Are you using nscd when you see these problems? Also, do you see log entries indicating the results of your attempted ldap queries on the system in question? I try to avoid it, It hasn’t done me any favors and caused me more problems by holding on to stale data than it has helped. Are you using nscd when you see these problems? Also, do you see log entries indicating the results of your attempted ldap queries on the system in question?

]]> By: mrmccrac http://backdrift.org/how-to-get-pam-ldap-local-logins-to-work-when-networking-is-down/comment-page-1#comment-320 mrmccrac Mon, 10 May 2010 21:22:39 +0000 http://backdrift.org/?p=106#comment-320 I'm having similar problems even w/ setting nss_reconnect options. Do you run nscd? I’m having similar problems even w/ setting nss_reconnect options. Do you run nscd?

]]>