[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nssldap
Subject:    Re: [nssldap] nss_ldap-1.244 timeout
From:       Buchan Milne <bgmilne () mandriva ! org>
Date:       2006-02-02 15:06:44
Message-ID: 200602021706.44679.bgmilne () mandriva ! org
[Download RAW message or body]


On Thursday 02 February 2006 15:29, Luke Howard wrote:
> If you are running nss_ldap on the same machine as your directory
> server, you really need "bind_policy soft" in /etc/ldap.conf.

Or, if it is remotely possible that any user enumeration requests will be made 
when any available LDAP servers are *not* available. Such as when booting a 
machine, as with udev started before any network interfaces are up. Or, if 
there is any other kind of network outage. Or many other possible scenarios.

I believe this is broken. Is there a reason for it? Can the default be changed 
at compile-time?

Regards,
Buchan

-- 
Buchan Milne
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]