Hello,

 

                I seem to be having an issue with nss_initgroups_ignoreusers.  I have the following line in my /etc/ldap.conf file but it still seems to search ldap for the users.  Can anyone shed some light on this issue for me?  Also, I am running nss_ldap version  >= 2.53.  I have supplied a snippet of the sldap log…

 

[ /etc/ldap.conf ]

nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,postmaster,anonymous,apache

[end ]

 

[ log snippet ]

 

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=140 fd=48 ACCEPT from IP=127.0.0.1:59736 (IP=0.0.0.0:389)

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=69 op=27 SRCH base="ou=Internal,dc=mgmt,dc=test,dc=com" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=postmaster))"

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=69 op=27 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=139 op=0 STARTTLS

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=139 op=0 RESULT oid= err=0 text=

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=69 op=27 SEARCH RESULT tag=101 err=0 nentries=0 text=

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=69 op=28 SRCH base="ou=Internal,dc=mgmt, dc=test,dc=com " scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=postmaster))"

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=69 op=28 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass

Oct 24 12:15:33 ldap-proxy slapd[10000]: conn=139 fd=62 TLS established tls_ssf=256 ssf=256

 

[ end snippet ]

 

Thanks