Ldap x local users
Tiago Cruz
tiagocruz at forumgdh.net
Tue Oct 16 21:54:13 UTC 2007
On Tue, 2007-10-16 at 13:58 -0700, Paul B. Henson wrote:
> In that case, the only naming service call that would touch ldap for a
> local user would be initgroups. Check the nss_ldap documentation for the
> nss_initgroups_ignoreusers config option.
Nice Paul,
It's exactly what's I'm looking for, many thanks!
For history, put in your ldap.conf:
nss_initgroups_ignoreusers root,ldap,daemon,nobody,postfix,sendmail,named,apache,sshd
And remove "ldap" entry for 'grup' on nsswitch.conf
Works on nss-ldap v.245 or greater.
Many thanks!
--
Tiago Cruz
http://everlinux.com
Linux User #282636
More information about the redhat-sysadmin-list
mailing list