Solaris 11 enable_passwd_compat
I recently experienced an event onsite whereby we had lost connectivity to Solaris 11 system; Under close inspection the system was in sulogin
mode, failing to boot due to an LDAP/svc.configd locking issue.
I've not come across this particular scenario before. Strange that the system failed to boot when ldap
was set before files
for the passwd entry in /etc/nsswitch.conf
# grep passwd /etc/nsswich.conf passwd_compat: ldap files passwd: ldap files
According to Oracle support the passwd
entry is incorrect, and we need to change the order. so changing the order for files ldap
I performed a reboot on the system. On doing so we lost LDAP connectivity and the server failed to come online.
Upon inspection I noticed that the /etc/nsswitch.conf
no longer contains the passwd_compat entry which was strange so understandably LDAP fails.
I tried setting it with...
# svccfg -s name-service/switch setprop config/passwd_compat=astring \"files ldap\"
Dont do it -- it simply won't work .... You have to set it using:
# svccfg -s name-service/switch setprop config/enable_passwd_compat=true
I've played since with putting the passwd
entry back to how it was and it still works.... Not asking the reason why, just happy it's all working
Be the first to comment.
Leave a response