Description of problem:
When LDAP Authentication is enabled, the system fails to boot past the System Message Bus. It hangs completely at this point.
Version-Release number of selected component (if applicable):
2.3.27
How reproducible:
Every time
Steps to Reproduce:
1. Install clean FC6 (system works perfectly)
2. Install various extras (nvidia drivers, Compiz etc - or none at all)
3. Configure LDAP Authentication
Actual results:
System will not boot past System Message Bus
Expected results:
System to boot fully without problem
Additional info:
The boot issue can be fixed by booting into single user mode and completely removing the LDAP configuration. This doesn't solve the problem, but does allow us to boot the machine and use it.
WORKSFORME when I pointed a fresh FC6 install at an ldap server by using the "create network login" screen in firstboot. It came up, I logged in and confirmed that I could see the LDAP users via getent. I rebooted, and the machine came back up flawlessly. Can you attach the /etc/ldap.conf you were using when it hung? And provide some more details about your LDAP server so I can try to reproduce this?
The installation for LDAP is following the guidelines that we found worked (of sorts) on an RHEL 5 beta workstation:
Run this command:
    authconfig --useshadow --enablemd5 --enablecache --enableldap --enableldapauth --ldapserver='lonldap2 houldap2' --ldapbasedn='dc=aac,dc=anadarko,dc=com' --enablelocauthorize --update
Then grab these files off lon684:
    /etc/ldap.conf
    /etc/openldap/ldap.conf
    /etc/pam.d/system-auth
    /etc/auto.master
    /usr/local/anadarko/auto_home.pl
    /usr/local/anadarko/auto.misc.pl
Run /etc/init.d/autofs restart
And you should be able to get a listing of /misc/oasis with names/groups resolved… watch if you have created local home directories or added a manual mount of home as these will probably disappear under the auto mounter… The new autofs doesn't appear when you run mount… but it does appear in /proc/mounts
Created attachment 140228: /etc/ldap.conf
Created attachment 140229: /etc/openldap/ldap.conf
Have attached the two ldap.conf files for now. Changing some sensitive information where necessary. Will attach other files if you feel them necessary. Duncan Innes
That /etc/ldap.conf was not created by system-config-authentication or firstboot. It is missing the critical line
    nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon
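A check for the line named in the last comment, as an added example that is not part of the original bug thread: it reports which of the accounts listed there are absent from nss_initgroups_ignoreusers in a given ldap.conf. The function names, and the choice to merge values from repeated lines, are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the bug thread): audit an nss_ldap configuration
# file for the nss_initgroups_ignoreusers line quoted in the last comment.

# Accounts named in that comment.
REQUIRED="root ldap named avahi haldaemon"

# Print every account listed on an active nss_initgroups_ignoreusers line,
# one per line. Assumption: values from repeated lines are merged.
ignored_users() {
    # Strip comments first so a commented-out directive is not counted.
    sed -e 's/#.*//' "$1" |
    awk '$1 == "nss_initgroups_ignoreusers" {
             for (i = 2; i <= NF; i++) {
                 n = split($i, u, ",")
                 for (j = 1; j <= n; j++) if (u[j] != "") print u[j]
             }
         }'
}

# Print the required accounts the file does not list, space separated.
missing_users() {
    have=$(ignored_users "$1")
    missing=""
    for user in $REQUIRED; do
        printf '%s\n' "$have" | grep -qxF "$user" || missing="$missing $user"
    done
    printf '%s' "${missing# }"
}

# Return 0 when all accounts are listed, 1 when some are missing,
# 2 when the file cannot be read.
check_ldap_conf() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    m=$(missing_users "$1")
    if [ -n "$m" ]; then
        echo "$1: nss_initgroups_ignoreusers is missing: $m"
        return 1
    fi
    echo "$1: nss_initgroups_ignoreusers covers: $REQUIRED"
}

# Run against a file when one is given, e.g.: sh check.sh /etc/ldap.conf
if [ "$#" -gt 0 ]; then
    check_ldap_conf "$1"
fi
```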