* jonty [Sun Jan 02, 2011 at 03:01:23PM +0000]:
> I have been using grml for the last couple of months. I am building a
> network of about 20 machines, all running grml, and I want them to share
> a single set of login names and passwords.
> So I decided to configure OpenLDAP as a service on one machine and
> configure the other machines to find login+password from this
> I am following the instructions set out at:
> They suggest I use libnss-ldap. But this package seems to be missing
> from my copy of grml 2010.04. I have also checked the package list
> for 2010.12 and that does not contain libnss-ldap.
> This seems a strange omission from grml. It contains slapd to run the
> service and several clients such as freeradius-ldap, libnet-ldap-perl,
> postfix-ldap, and smbldap-tools. So why not libnss-ldap?
libnss-ldap requires pre-configuration to be useful and no shipped
package has a hard dependency on it, that's why it's not shipped by
> I could install libnss-ldap on each client machine. But then I have to
> repeat those same steps on 20 machines, which makes it 20 times more
> likely I will make a mistake somewhere.
> I tried "apt-get install libnss-ldap" on a test machine. This started
> updating libc-bin and installing locales, which seemed a good way of
> breaking the distro. Can anyone suggest a better approach? Should I
> remaster the CD? Is there some gmrl magic I am missing? Is there a
> different tool for login+password that is not ldap?
Just grab Grml 2010.12 (current stable release) and run "apt-get
install libnss-ldap" there, no major updates (like libc) should be
If you want to have libnss-ldap persistent you can either use
(not that great for 20
machines probably though), the debs=... bootoption to install it
during bootup (see http://grml.org/cheatcodes/),
remaster it using
grml-live (see http://grml.org/grml-live/) or if PXE
booting is an
option provide the adjusted grml_chroot (either from grml-live or
based on the official ones from