Fedora Linux Support Community & Resources Center
Prev Previous Post   Next Post Next
Old 23rd December 2011, 06:24 PM
dave2011 Offline
Registered User
Join Date: Dec 2011
Location: somwhere
Posts: 10
Speeding local login when LDAP server unavailable

Hi. First of all Merry Christmas everyone and Happy New Year !

I’m hoping someone could help me to understand the following issues with local linux logins when LDAP authentication is enabled.
I have a general account “student” in fedora 15 to enable users to login locally if a network problem occurs, or if they simply prefer that instead of logging with their own accounts. Some years ago there was a problem with local logins with ID > 100 but I solved this by editing the /etc/pam.d/system-auth file.

Today I was able to shutdown the ldap server for a few hours and here’s what happens now:
If the fedora pc has no network connection (either by a disconnected cable or unreachable DHCP server), the local login “student” is ultra fast both in text mode and graphical. How does it bypass ldap automaticaly?

If the fedora pc has a network connection and the LDAP and nfs server (for home folders) is available, everything is ok. Local login with “student” is also ultra fast.

But if the pc is network connected and the server is unavailable, the local login was taking about 55 seconds in text mode and an eternity in graphical mode. Please note that the login with “root” is immediate, this only happens with other local accounts.
I’ve been editing the /etc/pam.d/system-auth and password-auth (they actually always had the same content) inserting options such as “authinfo_unavail=ignore” but no results, and I to tell the truth, I do not really understand all those options and syntax.

The only thing that speed up the local login was when I’ve edited the /etc/nss_ldap.conf file and set both
timelimit” and “bind_timelimit” to 1 instead of the default value. This way I can login in text mode in about 13 seconds and graphically in just above 1 minute, which was really great, compared to my previous situation.

My nsswitch.conf file has the following entries:

passwd: files ldap
shadow: files ldap
group: files ldap

So, why the root login was always so fast, even before I decreased the timelimit and bind_timelimit in nss_ldap.conf, and not the local account “student” ?
Thank you very much.
Merry Christmas !
Reply With Quote

ldap, local, login, server, speeding, unavailable

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
A couple of LDAP problems - local login & Samba ledmatrix Servers & Networking 2 28th November 2010 07:09 PM
Local apps not working when LDAP login AbsoluteMonkey Using Fedora 5 5th January 2009 02:15 AM
pam.conf for local/ldap login authentication mcanovas Security and Privacy 0 4th May 2006 08:58 PM
LDAP SSL support unavailable johns3001a Servers & Networking 1 26th February 2006 05:23 AM

Current GMT-time: 19:30 (Sunday, 24-09-2017)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat