Red Hat Bugzilla – Bug 213608
System fails to boot when LDAP Authentication is enabled
Last modified: 2014-08-31 19:28:34 EDT
Description of problem: When LDAP Authentication is enabled, the system fails to
boot past the System Message Bus. It hangs completely at this point.
Version-Release number of selected component (if applicable): 2.3.27
How reproducible: Every time
Steps to Reproduce:
1. Install clean FC6 (system works perfectly)
2. Install various extras (nvidia drivers, Compiz etc - or none at all)
3. Configure LDAP Authentication
Actual results: System will not boot past System Message Bus
Expected results: System to boot fully without problem
Additional info: The boot issue can be fixed by booting into single user mode
and completely removing the LDAP configuration. The doesn't solve the problem,
but does allow us to boot the machine and use it.
WORKSFORME when I pointed a fresh FC6 install at an ldap server by using the
"create network login" screen in firstboot. It came up, I logged in and
confirmed that I could see the LDAP users via getent. I rebooted, and the
machine came back up flawlessly.
Can you attach the /etc/ldap.conf you were using when it hung? And provide
some more details about your LDAP server so I can try to reproduce this?
The installation for LDAP is following the guidelines that we found worked (of
sorts) on an RHEL 5 beta workstation:
Run this command:
authconfig --useshadow --enablemd5 --enablecache --enableldap
--enableldapauth --ldapserver='lonldap2 houldap2'
--ldapbasedn='dc=aac,dc=anadarko,dc=com' --enablelocauthorize --update
Then grab these files off lon684:
Run /etc/init.d/autofs restart
And you should be able to get a listing of /misc/oasis with names/groups
resolved… watch if you have created local home directories or added a manual
mount of home as these will probably disappear under the auto mounter…
The new autofs doesn't appear when you run mount… but it does appear in /proc/mounts
Created attachment 140228 [details]
Created attachment 140229 [details]
Have attached the two ldap.conf files for now. Changing some sensitive
information where necessary.
Will attach other files if you feel them necessary.
That /etc/ldap.conf was not created by system-config-authentication or
firstboot. It is missing the critical line