pam/winbind user not found problem
RB
aoz.syn at gmail.com
Thu Jul 16 16:19:34 UTC 2009
On Thu, Jul 16, 2009 at 09:41, Gary Greene<greeneg at tolharadys.net> wrote:
> The name service caching daemon (nscd) is a primary cause of difficulties with
> name resolution, particularly where winbind is used. Winbind does its own
> caching, thus nscd causes double caching which can lead to peculiar problems
> during debugging. As a rule, it is a good idea to turn off the name service
> caching daemon.
I don't doubt the issues with double caching, but perhaps instead of
killing the mosquito with a shotgun, it would be more prudent to use
/etc/nscd.conf to either turn off credential caching or reduce its TTL
to a fraction of winbind's.
That said, I'm not sure caching is the issue here - you seem to have
found the issue I saw as well (UID check with a completely non-local
user).
More information about the Pam-list
mailing list