1 |
On Tue, 5 Sep 2006 at 17:51, Nicolas MASSÉ wrote: |
2 |
> On Tuesday 05 September 2006 17:35, Andrew D. Fant wrote: |
3 |
>> I know that there is an NIS emulation mode for ldap, but is there a more |
4 |
>> elegant way to have a local password file, where logins are checked first |
5 |
>> against the directory, and if there is no ldap entry for the user, falling |
6 |
>> back to the local files? |
7 |
> |
8 |
> In /etc/nsswitch.conf, you can have an entry like this : |
9 |
> |
10 |
> passwd: ldap files |
11 |
> shadow: ldap files |
12 |
> group: ldap files |
13 |
|
14 |
I don't know much about this, but given Andrew's constraints and what |
15 |
the nsswitch.conf man page says I'd think he just wants: |
16 |
|
17 |
shadow: ldap files |
18 |
|
19 |
without the other two, since he said that he doesn't want everyone |
20 |
in the enterprise to have access to the gentoo boxes, and that the |
21 |
group structure is different. |
22 |
|
23 |
--David |