How to cache login in ldap clients !!! Please helpppp !!!!
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to cache login in ldap clients !!! Please helpppp !!!!
Hey guys
iīve one big problem with nscd.conf this donīt work i tried many examples of configuration the nscd.conf simply donīt work when i stop the ldap server i try access by ssh on the client i canīt make logon.
And the database on /var/db/nscd donīt work.
follows below the conf of nscd.conf , nsswitch.conf
enable-cache group yes
positive-time-to-live group 60
negative-time-to-live group 60
suggested-size group 211
check-files group yes
persistent group no
shared group yes
max-db-size group 33554432
auto-propagate group yes
i installed sssd but i canīt find anything conclusive about this
follow the configuration of sssd.conf simply donīt work it isnīt builds the database on /var/lib/sss/db however exist an archive config.ldb .
please i need help !!!!!
follow below configuration on /etc/sssd/sssd.conf * and /etc/nsswitch.conf remembering that nscd is offline.
# Number of times services should attempt to reconnect in the
# event of a crash or restart before they give up
reconnection_retries = 3
# If a back end is particularly slow you can raise this timeout here
sbus_timeout = 30
services = nss, pam
# SSSD will not start if you do not configure any domains.
# Add new domain configurations as [domain/<NAME>] sections, and
# then add the list of domains (in the order you want them to be
# queried) to the "domains" attribute below and uncomment it.
; domains = LOCAL,LDAP
domains = default
[nss]
# The following prevents SSSD from searching for the root user/group in
# all domains (you can add here a comma-separated list of system accounts that
# are always going to be /etc/passwd users, or that you want to filter out).
filter_groups = ou=Group,dc=energia,dc=org,dc=br
filter_users = ou=People,dc=energia,dc=org,dc=br
reconnection_retries = 3
# The entry_cache_nowait_percentage indicates the percentage of the
# entry_cache_timeout to wait before updating the cache out-of-band.
# (NSS requests will still be returned from cache until the full
# entry_cache_timeout). Setting this value to 0 turns this feature
# off (default).
entry_cache_nowait_percentage = 300
[pam]
reconnection_retries = 3
# Example domain configurations
# Note that enabling enumeration in the following configurations will have a
# moderate performance impact while enumerations are actually running, and
# may increase the time necessary to detect network disconnection.
# Consequently, the default value for enumeration is FALSE.
# Refer to the sssd.conf man page for full details.
# Example LOCAL domain that stores all users natively in the SSSD internal
# directory. These local users and groups are not visible in /etc/passwd; it
# now contains only root and system accounts.
# Example native LDAP domain
# ldap_schema can be set to "rfc2307", which uses the "memberuid" attribute
# for group membership, or to "rfc2307bis", which uses the "member" attribute
# to denote group membership. Changes to this setting affect only how we
# determine the groups a user belongs to and will have no negative effect on
# data about the user itself. If you do not know this value, ask an
# administrator.
[domain/LDAP]
id_provider = ldap
auth_provider = ldap
ldap_schema = rfc2307
ldap_uri = ldap://10.60.1.236
ldap_search_base = dc=energia,dc=org,dc=br
ldap_tls_reqcert = demand
cache_credentials = true
enumerate = true
entry_cache_timeout = 5400
# Example LDAP domain where the LDAP server is an Active Directory server.
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: db files ldap sss
shadow: db files ldap sss
group: db files ldap sss
ethers: db files
netmasks: files ldap
networks: files ldap
protocols: db files
rpc: db files
services: db files
netgroup: files ldap
#publickey: nisplus
#automount: files ldap
aliases: files ldap
sudoers: files ldap
automount: files ldap
log /var/log/messages
Jul 26 10:57:23 lxbi01 yum: Installed: openldap24-libs-devel-2.4.23-5.el5.x86_64
Jul 26 11:00:21 lxbi01 sssd: nscd socket was detected. Nscd caching capabilities may conflict with SSSD for users and groups. It is recommended not to run nscd in parallel with SSSD, unless nscd is configured not to cache the passwd, group and netgroup nsswitch maps.
Jul 26 11:00:21 lxbi01 sssd: Cannot load configuration database
Jul 26 11:03:16 lxbi01 sssd: nscd socket was detected. Nscd caching capabilities may conflict with SSSD for users and groups. It is recommended not to run nscd in parallel with SSSD, unless nscd is configured not to cache the passwd, group and netgroup nsswitch maps.
Jul 26 11:03:16 lxbi01 sssd: Cannot load configuration database
Jul 26 11:04:17 lxbi01 sssd: Cannot load configuration database
Jul 26 11:05:51 lxbi01 sssd: Cannot load configuration database
Jul 26 11:37:58 lxbi01 sssd: Cannot load configuration database
Jul 26 13:41:03 lxbi01 sssd: nscd socket was detected. Nscd caching capabilities may conflict with SSSD for users and groups. It is recommended not to run nscd in parallel with SSSD, unless nscd is configured not to cache the passwd, group and netgroup nsswitch maps.
Jul 26 13:41:03 lxbi01 sssd: Cannot load configuration database
Last edited by pauloedusp; 07-26-2012 at 11:43 AM.
thanks
but i still have some problem with configuration of sssd.conf it doesn't work
i have a big doubt how set up sssd.conf ?
on the above configuration where īs wrong ?
==================================================================================================== =============
tail /var/log/messages
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.