<div dir="ltr"><div>Jorg, I do not have the answer for you. One comment I have is that the GUI login will use different PAM modules from the command line ssh login.</div><div>If you are looking for differences between your CentOS machine and Ubuntu I would also start by listing the PAM modules.</div><div><br></div><div>I speak as someone who has a nagging problem with nslcd - I have two servers which should be identical, and on one I cannot 'sudo' with my account. </div><div><br></div><div>It is possible to stop the nslcd.service and run nslcd -d in a terminal - this did not help me, it might help you.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 16 January 2018 at 00:35, Jörg Saßmannshausen <span dir="ltr"><<a href="mailto:sassy-work@sassy.formativ.net" target="_blank">sassy-work@sassy.formativ.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Dear all,<br>
<br>
reading the Cluster Authentication (LDAP,AD) thread which was posted at the<br>
end of last year reminds me of a problem we are having.<br>
<br>
For our Ubuntu 14 virtual machines we are authenticating against AD and I am<br>
using the nslcd daemon to do that.<br>
This is working very well in a shell, i.e. when I am doing this in a shell:<br>
<br>
$ su -l USER<br>
<br>
It is fast, it is creating the home directory if I need it (or not if I want<br>
to mount the file space elsewhere and use a local home) and the standard lookup<br>
tools like<br>
<br>
$ getent password USER<br>
<br>
are fast as well.<br>
<br>
However, and here is where I am stuck: when I want to log in to the machine<br>
using the GUI, this takes forever. We measures it and it takes up to 90 sec.<br>
until it finally works. I also noticed that it is not reading the<br>
/etc/nslcd.conf file but either /etc/ldap.conf or /etc/ldap/ldap.conf. The<br>
content of the ldap.conf file is identical with the nslcd.conf file. I am using<br>
TLS and not SSL for the secure connection .<br>
Furthermore, and here I am not sure whether it is the same problem or a<br>
different one, if I want to ssh into the Ubuntu VM, this also take a very long<br>
time (90 sec) until I can do that.<br>
Strangely enough, our HPC cluster is using nslcd as well (I used that<br>
nslcd.conf file as a template for the Ubuntu setup), authenticating against the<br>
same AD and that works instantaneous.<br>
<br>
Does anybody has some ideas of where to look at? It somehow puzzles me.<br>
I am a bit inclined to say the problem is within Ubuntu 14 as the cluster is<br>
running CentOS and my Debian chroot environment ist Stretch.<br>
<br>
All the best from London<br>
<br>
Jörg<br>
<br>
______________________________<wbr>_________________<br>
Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org">Beowulf@beowulf.org</a> sponsored by Penguin Computing<br>
To change your subscription (digest mode or unsubscribe) visit <a href="http://www.beowulf.org/mailman/listinfo/beowulf" target="_blank" rel="noreferrer">http://www.beowulf.org/<wbr>mailman/listinfo/beowulf</a><br>
</blockquote></div><br></div>