I experienced the same problem and found a solution. In your /etc/ldap.conf file
(which I had the ldap.conf in /etc/openldap symlinked to), add the following
line to the bottom of the file:
nss_initgroups_ignoreusers root,haldaemon,dbus,ldap,sshd (any other group that
is locally stored and used by applications go here)
Regards,
Dan
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Benjamin Donnachie
Sent: Tuesday, September 29, 2009 10:37 AM
To: centos at centos.org
Subject: [CentOS] CentOS 5.3 LDAP problem.
I currently have about eight servers running a mixture of CentOS
x86_64 v5.2 and v5.3 but none with the very latest updates. They all
obtain their authentication information over LDAP and to avoid the
starting message bus hang problem[1], nscd is set to soft failure.
However, yesterday I set up a new CentOS v5.3 server with the latest
updates, but it refuses to get beyond "Starting message bus" if I have
ldap as an option in nsswitch.conf. The LDAP server is hosted on two
separate machines and this machine has an identical set up to the
others - including soft failure in the nscd config.
If I remove all references to ldap from nsswitch.conf I can get the
machine to boot. I can then add those entries back, start nscd and
getent works fine. However, when I start samba it then starts to fail
stating that it cannot find a users unix account - which is clearly
incorrect!
To compound matters, ssh now seems to be locking up; freezing after
requesting a password and eventually dropping connection. As I am
working off-site for the test of the week I cannot post any further
information at the moment, however, I think that the installed kernel
had a September 2009 compile date.
Does anyone know of any reason why the latest updates could be causing
this behaviour? I have been unable to find anything relevant in the
list archives or in the forums.
I am under pressure to get this server working and I don't want to be
forced to install Windows, so any advice would be appreciated.
Many thanks,
Ben
[1] http://bugs.centos.org/view.php?id=2047
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos