However, I note that the Debian changelog of the libnss-ldap package has this entry:
libnss-ldap (251-4) unstable; urgency=low
* Added system which implicitly sets bind_policy to 'soft'
during system boot/shutdown. This is implemented by an
init script run at end of system boot and start of system
shutdown which creates/removes a file in /var/lib/libnss-ldap
called 'bind_policy_soft'. When this file exists the policy
is treated as 'soft' regardless of the configuration in
/etc/nss-ldap.conf. Note that soft doesn't mean 'always
fail' but rather only try to connect to each URI listed in
the configuration file once, with no sleeping.
Closes: #375077, #375215
I don't know what to make of that yet. I will try to get a system running this afternoon with ldap, nss_ldap, etc and a notebook client and see what happens.
I believe that "soft" is a better default for nss_ldap. FWIW, Mandriva has been using this patch for quite a while now: svn.mandriva. com/cgi- bin//viewvc. cgi/packages/ cooker/ nss_ldap/ current/ SOURCES/ nss_ldap- 250-bind_ policy_ default_ soft.patch? revision= 5975&view= markup
http://
However, I note that the Debian changelog of the libnss-ldap package has this entry:
libnss-ldap (251-4) unstable; urgency=low
* Added system which implicitly sets bind_policy to 'soft' libnss- ldap nss-ldap. conf. Note that soft doesn't mean 'always
during system boot/shutdown. This is implemented by an
init script run at end of system boot and start of system
shutdown which creates/removes a file in /var/lib/
called 'bind_policy_soft'. When this file exists the policy
is treated as 'soft' regardless of the configuration in
/etc/
fail' but rather only try to connect to each URI listed in
the configuration file once, with no sleeping.
Closes: #375077, #375215
I don't know what to make of that yet. I will try to get a system running this afternoon with ldap, nss_ldap, etc and a notebook client and see what happens.