24 Mar
2010
24 Mar
'10
12:47 a.m.
On Wednesday, 24 March 2010 01:30:25 Tyler Gates wrote:
And don't forget nsswitch. ldap should be first for group and passwd.
There is no requirement for ldap to be listed first, it works fine with "files ldap" or similar more complex setups (like "files ldap [NOTFOUND=return] db".
The order in which to list them would be up to site-specific requirements (but, I prefer to have 'files' first, it is one of the many things to consider if you have a requirement for local authentication to work in the case of LDAP being unavailable for whatever reason).
Regards, Buchan