Linux.com

LDAP Cached Authentication

Reply Topic
Link to this post 14 Dec 09

Hi there!

Ever since I got LDAP to work I've been wondering which is the right way to authenticate laptop users when they can't reach the LDAP server.

I tried a few pam modules such as pam_ccreds and a procedure which involves nss-updatedb and modifying libnss-db. More details can be found here.

That didn't work, but I also read that nss-updatedb is not such a good idea as it downloads the necessary authentication information for all users and not just for those with recent successful authentication. Thus generating a big amount of network traffic.

Which is the right way to go? Is it otherwise impossible to use a laptop with LDAP? I would prefer if I don't have to create a local username on every laptop.

Thanks!

Fede

PS: Using OpenSUSE but I believe it doesn't really make much difference in this case

Quote post
fedev
  • Linux.com Member

Posts: 9

Link to this post 15 Dec 09

You may be able to use nscd and tweek the time to live settings.

man nscd
man nscd.conf

Quote post
bluedemon
  • Linux.com Member

Posts: 3

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board

Explore

Answers

Blogs

Forums

Directory

Stay Current

Netbooks

Cloud Computing

Enterprise

Embedded & Mobile

About Linux.com

How to Participate

Contact / About

Advertise

Privacy / Terms / Editorial Policy