Hi, (I never configured NSS/LDAP myself)
On Mon, Jan 11, 2010 at 01:22:26PM +0100, Michael Mühlbauer wrote: > I have a problem with my NSS/LDAP setup. When I set > > passwd: files [SUCCESS=return] ldap > group: files [SUCCESS=return] ldap > shadow: files > > in /etc/nsswitch.conf and then enter 'id root' in the shell the NSS > tries to contact the LDAP server *although* root is contained in > /etc/passwd, /etc/group (and /etc/shadow) and can thus be > authenticated without inquiring the LDAP server. > > So what I want is, to have users be authenticated via LDAP only when > they are *not* in the passwd/group files. How do I archieve this? In most installations, /etc/shadow contain local password setting. Why not > shadow: files [SUCCESS=return] ldap (passwd only contain account public info.) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
