My bug 509734 was marked as a duplicate of this one. This was a special case using the atd job scheduler. At jobs launched by ldap users worked, but at jobs launched by root did *not* work. atd was doing a group lookup, and nss was dropping privileges, thus breaking root-launched at jobs. To work around this, I added the following line to my /etc/ldap.conf:
nss_initgroups_ignoreusers <users> where <users> is the list of local non-ldap users, particularly root! There is a script that is part of nss-ldap that does this for you: /usr/sbin/nssldap-update-ignoreusers Atd is finally working for me now. -- NSS using LDAP+SSL breaks setuid applications like su and sudo https://bugs.launchpad.net/bugs/423252 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
