Steve, You can close this. i have figured out how to make my LDAP passwd map behave.
For anyone following along or who may find this in their travels, you will want to remove the shadowAccount object class from any ldap entries which represent users that should be authenticated by Kerberos -- or should otherwise not have shadow map entries (and the corresponding "x" in the password field of the passwd map) for whatever reason. Once the shadowAccount object class is removed, the passwd entries will have a "*" in the password field and there will be no shadow entry for them returned by nss_ldap. -- account configuration not working https://bugs.launchpad.net/bugs/456985 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
