use of [!NOTFOUND=return] in nsswitch.conf

Posted by Chris Phillips on Server Fault See other posts from Server Fault or by Chris Phillips
Published on 2011-07-15T08:48:40Z Indexed on 2012/07/04 3:18 UTC
Read the original article Hit count: 415

Filed under:

Has anyone come across the use of this config for passwd and groups config in nsswitch.conf? Where I'm working I've been told it's been shown to help situations where a group exists both locally and in ldap which was causing issues for group memberships etc. However this config seems to totally mess up nscd which will be aware of the groups and all their members but will not flip the data around to say the user is a member of all it's remote groups.

Initially it seems, given a fully available environment, to be exactly the same as [FOUND=return] which is an implict default between stages anyway. However apparently a lengthy ticket with Redhat resulted in the recommended use of that configuration.

© Server Fault or respective owner

Related posts about nsswitch.conf