ldap users shows up in user list, but unable to login
by slacker lnx
Hi
I am using LDAP for authenticating users. I have some Fedora 8 servers
which are setup as ldap clients. When I create users in LDAP it shows up on
all clients. I can do an 'ldapsearch' or 'getent passwd' and all the
clients shows up the ldap users. But on one of the client, I am unable to
login (through ssh) using the ldap userids. When I login as root and try to
switch user I get a message 'user does not exist' (getent passwd and
ldapsearch shows the user). On all other clients it works fine. I compared
the config files in /etc/pam.d/ and /etc/nsswitch.conf but I don't see any
difference.
What else can I check, which other config files do I need to look at? I had
followed the same steps while configuring all ldap clients.
Please help
Thanks
7 years, 5 months
Mixing multi-master and master-slave replication
by Robert Minsk
As a factility we have locations world wide. Within each facility we
would like to use multi-master replication. We would also like to sync
each facility to a glued set of databases on the global servers with
simple master slave replication. See ASCII art diagram below. If every
OpenLDAP server across all our locations has a unique "serverID" will
the global master-slave replication play nice with the facility
multi-master replication?
-------- -------- -------- --------
| la01 |<-- multi-master --> | la02 | | ny01 |<-- multi-master -->| ny02 |
-------- -------- -------- --------
| |
-- master-slave -- -- master-slave --
| |
v v
------------
| global01 |
------------
--
Robert Minsk
Systems and Software Engineer
WWW.METHODSTUDIOS.COM <http://www.methodstudios.com>
730 Arizona Ave, Santa Monica, CA 90401
O:+1 310 434 6500 <tel:+13104346500> // F:+1 310 434 6501
<tel:+13104346501>
Los Angeles
<http://www.methodstudios.com/signature/url/los-angeles><http://www.methodstudios.com/signature/url/los-angeles>
This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed.
7 years, 5 months