I recently experienced this problem on Trusty, and tried several of the
recommended work-arounds, without success until I tried switching to
libnss-ldapd in place of libnss-ldap.
That worked. Now I can successfully reboot my LDAP clients.
Amazing that something so fundamental is still broken seve
nss_initgroups_ignoreusers with users with id < 500 works for me.
** Attachment removed: "libnss_ldapd_w_user.log"
https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1024475/+attachment/4301881/+files/libnss_ldapd_w_user.log
** Attachment removed: "libnss_ldapd.log"
https://bugs.l
** Attachment added: "libnss_ldapd.log"
https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1024475/+attachment/4301882/+files/libnss_ldapd.log
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bu
** Attachment added: "libnss_ldapd.log"
https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1024475/+attachment/4301880/+files/libnss_ldapd.log
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bu
** Attachment added: "libnss_ldapd_w_user.log"
https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1024475/+attachment/4301881/+files/libnss_ldapd_w_user.log
** Attachment removed: "libnss_ldapd.log"
https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1024475/+attachment/4301
libnss-ldapd doesn't work if user doesn't exist in the system.
once user is created - ssh authentication works fine.
Here are ssh debug logs for: libnss-ldap, libnss-ldapd wo user, and
libnss-ldapd w user
** Attachment added: "libnss_ldap.log"
https://bugs.launchpad.net/ubuntu/+source/libnss-
Solution #14 did work for us on Ubuntu 14.04 LTS. We were copying over
/etc/ldap.conf via config mgmt for years now. Pretty big impact for a
missing newline at the end of a file ... Thanks a lot for pointing out,
Graham!
--
You received this bug notification because you are a member of Ubuntu
Ser
OK, so it appears that libnss-ldapd also works for me. (looks more like
RH anyway).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/1024475
Title:
libnss-ldap causes boot hang o
Dang! this is not a little thing! How does one get some attention on this
issue? What does it take to get this bug fixed? Anyone? -
This has and is causing me countless hours.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ld
I ran into this issue several month ago. I tried every workaround I could find,
but nothing worked.
The debian documentation already warns that libnss-ldap has been orphaned. This
means that it does not have a real maintainer at the moment.
They suggest to use the alternative package libnss-ldapd
I ran into this issue today and I'm very surprised this issue is that
old. This bug makes Ubuntu as an LDAP client unusable.
#17 did help for faster booting of the machine, but that's it. Any
command is still so slow, the machine is useless.
#2 tried it like this:
- Adapted init script /etc/init.
#1 worked for me, but now I have to set the groups manually which kind of
defeats the purpose (fortunately they don't change much).
#17 did not work.
I also tested libpam-ldap on a ubuntu server (static ip, no network-manager)
without having any problems,
so the timing of the upcoming network co
I had a similar problem after an release upgrade from 12.04.3 to
14.04.1.
After the upgrade, only local users could log in and any command was very
slooow.
In particular commands like add-user or add-group would never finish.
Removing mentions of ldap in nsswitch.conf seemed to solve the problem
Hi,
I lost more than 4 hours on this issue and found a solution. I hope it
could help others.
Got the issue on a brand new 14.04.1 installation. Modification of the
libnss-ldap (#2) script didn't solve the issue.
I found a solution on following the page :
http://backdrift.org/how-to-get-pam-lda
At some point, this started working again after a dist-upgrade, so
nss_initgroups_ignoreusers is working for me.
The only thing I've done on top of that for house keeping purposes, is
to modify the init script to remove the ignoreusers line on system start
(the configs are controlled vi puppet, an
I also tried fix #2 . I had to create my own files for :
/etc/nsswitch.conf.ldap
/etc/nsswitch.conf.local
I assume the ldap file contains the ldap and the .local files does not.
The fix did not work for me.
Please post the above files and the full working script for
/etc/i
Having recently run into this and spent some time debugging it would
appear that one potential cause is if you have edited /etc/ldap.conf and
do not have a new line at the end of the file (so in our case copying a
standard config in as part of a deployment script)
When the libnss-ldap init script
the workarund in #2 isnt working for me. but im not sure if i did the
right:
#! /bin/sh -e
### BEGIN INIT INFO
# Provides: libnss-ldap
# Required-Start:
# Required-Stop: mountall.sh
# Default-Start:
Yep, sad to say this is still happening, 2 years later. Brand new
install of 14.04 LTS goes into high cpu usage during boot and you never
make it to a usable login prompt with LDAP enabled. Tried setting the
LDAP URI to localhost, LAN IP and it's FQDN, no effect.
Luckily, the workaround posted in
hello i have a similar problem. im booting fatclients (ltsp). after
configuring the ldap client (installing libnss ldap) and adding the
paramater "ldap" to nsswitch.conf, the fatclient doesnt boot! if i
removeing "ldap" all works fine, but this is no solution for me!
by the way, the same configura
This is still an issue on 14.04 LTS.
This was fixed ages ago with this change:
libnss-ldap (251-5.2) unstable; urgency=high
* Change the init script policy. Instead of stopping libnss-ldap.init on
clean shutdown (touching a file) and starting it after networking (rm-ing
it), we touch t
Got bit by this, too; however, in my case it's adding "ldap" to the
hosts line that got me into trouble.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/1024475
Title:
libnss-lda
seriously? 6 months and this isn't fixed? I just got bit by this after
upgrading and rebooting my LDAP server! Imagine the panic that set in
at first.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bug
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: libnss-ldap (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https://bugs.launchpad.net
Hi,
We are using the Ubuntu's default network configuration, nothing done
manually on /etc/interfaces.
It does bring the network up before login and works perfectly with
nss_winbind.
So the problem is likely the integration of nss_ldap on Ubuntu and not
the network configuration.
--
You receiv
I'm a bit confused.
If you're using Network Manager, then you can only expect to get a
working network after login, right? But if you want to use LDAP to
authenticate the login, how is this going to work before the network is
brought up?
** Changed in: libnss-ldap (Ubuntu)
Status: Incomple
Hello Clint,
We are using the default for networking, ie, Network Manager.
Booting with --verbose noquiet results in the single 2 lines:
Loading configuration from /etc/init.conf
Loading configuration fomt /etc/init
being printed.
The system hangs right there.
--
You received this bug notif
Hi gustavo, thanks for taking the time to file this bug report.
Network interfaces have two modes. One is /etc/network/interfaces, and
the other is NetworkManager. Which are you using? The former will bring
up any interfaces as soon as udev detects them. It will also do a
blanket bring up of any i
Current workaround is changing the existing script /etc/init.d/libnss-
ldap to include:
[...]
case "$1" in
start)
cp -f /etc/nsswitch.conf.ldap /etc/nsswitch.conf
;;
stop)
cp -f /etc/nsswitch.conf.local /etc/nsswitch.conf
Further debug indicates that this is a group resolution problem at boot
time because
passwd: compat ldap
group: compat
shadow: compat ldap
boots perfectly.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in Ubuntu.
https:
30 matches
Mail list logo
