On Mon, Dec 12, 2011 at 05:01:53PM +0100, Denis Witt wrote: > On 12.12.2011 16:44, Craig White wrote: > > >>> I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I am facing > >>>the 'I have no name !' while I do ssh on client machine(All user info is > >>>getting propagated to client machines properly (checked with getent > > >>are you using nscd (Name Service Cache Daemon)? If so uninstall it and the > >>error should be gone. See google for details. > > >>If you want to verify before uninstall just restart/stop nscd and check if > >>the name is shown. > > >FTR - I don't personally care for nscd very much but it seems that with > >Ubuntu 10.04 LTS that I am forced to use it or my host-based ACL's > >(pam_check_host_attr yes) will fail. > > Hi, > > please always reply to the list, thanks. > > Another "solution" might be to restart nscd every hour (or > something), it seems that the cache is refreshed then and everything > works fine. > > Bye. > >
I don't use nscd on any Ubuntu host here, but then I don't use pam_check_host_attr either. For per-host logins I use puppet to configure nslcd with a host-specific ldap filter. That way your group/host information is centrally controlled as well.
