Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
On Jul 15, 2010, at 6:15 PM, Gordon Messmer wrote:
> On 07/15/2010 05:09 PM, Gordon Messmer wrote:
>>
>> Did you build it from source or were you trying to install one of the
>> binary packages? You'll definitely want to build from source.
>
> I take that back. Don't build it from source, that

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gordon Messmer
On 07/15/2010 05:09 PM, Gordon Messmer wrote:
>
> Did you build it from source or were you trying to install one of the
> binary packages? You'll definitely want to build from source.
I take that back. Don't build it from source, that's silly. Install the EPEL repo. You can then "yum install s

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gordon Messmer
On 07/15/2010 10:32 AM, Brian Marshall wrote:
> Does the fact that I am testing without SSL, TLS or Kerberos enabled
> have any effect on this?
No, it doesn't.
> I'm grasping at straws at this point. I'm starting to feel like maybe
> LDAP was not such a great idea since linux clients can't operate i

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gordon Messmer
On 07/15/2010 10:26 AM, Brian Marshall wrote:
> Then am I misinterpreting the fact that getent shadow returns data on
> ldap users when ldap is up but not when it's down?
It would be unusual, but not impossible for "getent shadow ..." to have the password hashes available. If that is the case, y

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gordon Messmer
On 07/15/2010 01:14 PM, Brian Marshall wrote:
>
> I don't have a file /usr/lib/python2.4/site.py
On a 64 bit system, it'll be /usr/lib64/python2.4/site.py
The easiest way to extend the path is to set the PYTHONPATH environment variable.
# env PYTHONPATH=/usr/local/lib/python2.4/site-packages py

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gary Greene
On 7/15/10 1:14 PM, "Brian Marshall" wrote:
>> What you're looking for is information on sitecustomize. Look at
>> /usr/lib/python2.4/site.py for more information.
>>
>> --
>> Gary L. Greene, Jr.
>> IT Operations
>> Minerva Networks, Inc.
>> Cell: (650) 704-6633
>> Phone: (408) 240-1239
>>
>>

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
On Jul 15, 2010, at 2:27 PM, Alexander Dalloz wrote:
> On 15.07.2010 22:16, Brian Marshall wrote:
>> On Jul 15, 2010, at 2:12 PM, Alexander Dalloz wrote:
>>
>>> On 15.07.2010 19:26, Brian Marshall wrote:
>>> Then am I misinterpreting the fact that getent shadow returns data on ldap
>>

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Alexander Dalloz
On 15.07.2010 22:16, Brian Marshall wrote:
> On Jul 15, 2010, at 2:12 PM, Alexander Dalloz wrote:
>
>> On 15.07.2010 19:26, Brian Marshall wrote:
>>
>>> Then am I misinterpreting the fact that getent shadow returns data on ldap
>>> users when ldap is up but not when it's down? I guess I don't

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
On Jul 15, 2010, at 2:12 PM, Alexander Dalloz wrote:
> On 15.07.2010 19:26, Brian Marshall wrote:
>
>> Then am I misinterpreting the fact that getent shadow returns data on ldap
>> users when ldap is up but not when it's down? I guess I don't understand
>> where that shadow data comes from wh

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
> What you're looking for is information on sitecustomize. Look at
> /usr/lib/python2.4/site.py for more information.

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Alexander Dalloz
On 15.07.2010 19:26, Brian Marshall wrote:
> Then am I misinterpreting the fact that getent shadow returns data on ldap
> users when ldap is up but not when it's down? I guess I don't understand
> where that shadow data comes from when LDAP is up.
/etc/nsswitch.conf
Alexander

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gary Greene
On 7/15/10 11:49 AM, "Brian Marshall" wrote:
> On Jul 15, 2010, at 12:37 PM, Gary Greene wrote:
>> On 7/15/10 11:29 AM, "Brian Marshall" wrote:
>>> On Jul 15, 2010, at 11:46 AM, Gary Greene wrote:
>>>> On 7/15/10 9:15 AM, "Brian Marshall" wrote:
>>>>> Hi Todd,
>>>>>
>>>>> Yes, I have already us

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
On Jul 15, 2010, at 12:37 PM, Gary Greene wrote:
> On 7/15/10 11:29 AM, "Brian Marshall" wrote:
>>
>> On Jul 15, 2010, at 11:46 AM, Gary Greene wrote:
>>
>>> On 7/15/10 9:15 AM, "Brian Marshall" wrote:
>>>> Hi Todd,
>>>>
>>>> Yes, I have already used authconfig to enable caching. If you have

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gary Greene
On 7/15/10 11:29 AM, "Brian Marshall" wrote:
>
> On Jul 15, 2010, at 11:46 AM, Gary Greene wrote:
>
>> On 7/15/10 9:15 AM, "Brian Marshall" wrote:
>>> Hi Todd,
>>>
>>> Yes, I have already used authconfig to enable caching. If you have any
>>> questions about my configs I have a forum post with

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
On Jul 15, 2010, at 11:46 AM, Gary Greene wrote:
> On 7/15/10 9:15 AM, "Brian Marshall" wrote:
>> Hi Todd,
>>
>> Yes, I have already used authconfig to enable caching. If you have any
>> questions about my configs I have a forum post with more details up there
>> including the related ldap, and

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gary Greene
On 7/15/10 9:15 AM, "Brian Marshall" wrote:
> Hi Todd,
>
> Yes, I have already used authconfig to enable caching. If you have any
> questions about my configs I have a forum post with more details up there
> including the related ldap, and pam config files.
> https://www.centos.org/modules/newbb/

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
Does the fact that I am testing without SSL, TLS or Kerberos enabled have any effect on this? I figured I'd do the security and encryption last. I'm grasping at straws at this point. I'm starting to feel like maybe LDAP was not such a great idea since linux clients can't operate in the absence of

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
Then am I misinterpreting the fact that getent shadow returns data on ldap users when ldap is up but not when it's down? I guess I don't understand where that shadow data comes from when LDAP is up. I just did some brief testing on installing sssd and there's a ton of fedora packages I'll need

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gordon Messmer
On 07/15/2010 09:15 AM, Brian Marshall wrote:
>
> The problem still remains, when the LDAP server is offline there is
> no shadow data cached so LDAP users can not authenticate on cached
> data despite caching and local auth sufficient being enabled in
> authconfig.
Most LDAP servers don't provi

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Gordon Messmer
On 07/15/2010 08:37 AM, Brian Marshall wrote:
> Yes but I have worked in many organizations that use directory
> services for authentication and my machines with them have always
> cached authentication data so I can login if I'm not online. I can't
> expect laptop users to always have a network co

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
It seems there are some bugs discussed around this.
http://sources.redhat.com/bugzilla/show_bug.cgi?id=2132
https://bugzilla.redhat.com/show_bug.cgi?id=488597
https://bugzilla.redhat.com/show_bug.cgi?id=599192
That being said, it does not seem like nscd is the way to solve this. Or at very leas

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
Hi Todd, Yes, I have already used authconfig to enable caching. If you have any questions about my configs I have a forum post with more details up there including the related ldap, and pam config files. https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=27153&forum=42 T

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Todd Denniston
Brian Marshall wrote, On 07/15/2010 11:37 AM:
> Yes but I have worked in many organizations that use directory services for
> authentication and my machines with them have always cached authentication
> data so I can login if I'm not online. I can't expect laptop users to always
> have a network

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Brian Marshall
Yes but I have worked in many organizations that use directory services for authentication and my machines with them have always cached authentication data so I can login if I'm not online. I can't expect laptop users to always have a network connection. If Mac OS and Windows can manage to cache

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Alexander Dalloz
> Your /etc/nscd.conf is only configured to cache passwd/group/hosts. It's
> not configured to cache shadow.
>
> (I don't know if nscd _can_ be configured to cache shadow or not; never
> tried)
> rgds
> Stephen
The nscd is a "name service caching daemon" and not an authentication credentials ca

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Alexander Dalloz
> The problem I am having is that shadow does not seem to get cached by
> nscd. Here's how I have tracked this down.
NSCD not caching shadow user credentials is a fact. There is nothing wrong with your configuration. NSCD just does not do what you seem to expect from it. You can't make it what yo

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-15 Thread Stephen Harris
On Wed, Jul 14, 2010 at 09:05:38PM -0600, Brian Marshall wrote:
> My config files can be referenced on my forum post
> https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=27153&forum=42
Your /etc/nscd.conf is only configured to cache passwd/group/hosts. It's not configured

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-14 Thread JohnS
On Wed, 2010-07-14 at 21:05 -0600, Brian Marshall wrote:
> So, when LDAP is down I can clearly see that nscd is caching passwd
> but not shadow.
---
""if getent shadow as root returns a shadow file with passwords, then the PAM unix module can do authentication without using libpam-ldap""
So tha

Re: [CentOS] LDAP / NSCD shadow caching problem

2010-07-14 Thread Brian Marshall
Hi All, I have a post on the forums about this. I'm hoping maybe you guys can help me track down what I'm doing wrong. I am trying to get nscd to cache my LDAP user data. You know, for when the LDAP server goes down. The problem I am having is not related to the "bind_policy soft" issue that