On Tue, Jan 20, 2009 at 02:43:03PM +0100, Emmanuel Lesouef wrote:
> > > The problem is that when postfix receives/sends an email, it does a
> > > lookup in our LDAP proxy to get postfix's group and uid. This
> > > definitely ends up with a "0 entries found" which is not a problem
> > > because /etc/nsswitch.conf contains the following :
> > >
> > > passwd: compat ldap
> > > group: compat ldap
> > > shadow: compat ldap
> > >
> > > Is there a way to tell postfix (and other services, as well) not to
> > > try ldap ?
> >
> > Postfix does not look in /etc/nsswitch.conf. That is the job of
> > the getpwnam SYSTEM LIBRARY ROUTINE.
> >
> > Wietse
>
> Ok. So I suppose I'll have to find what pam related issue this is
> related to.
PAM has nothing to do with this, your nsswitch.conf specifies use of
LDAP for getpwnam(3) and getgrnam(3).
> In my opinion, none of the system services should bind to ldap.
Don't put LDAP in nsswitch.conf if you don't want to use it, but then
of course your LDAP-listed users will have trouble logging in.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
