When both a AAAA and A records are used for an ldap server, nss_ldap fails. When only A records are used, nss_ldap works. When only AAAA records are used nss_ldap fails. I tested by preforming a 'getent passwd' query. I tested the server by using ldapsearch with the ipv6 address directly (it worked). I can only guess that nss_ldap both defaults to AAAA records and does not have proper support for ipv6. That said, I have changed my /etc/ldap.conf to refrence the server by ipv6 address and it still fails. This leads me to believe that the first sentence of this paragraph is correct. I am going to be testing newer versions of nss_ldap to see if it is fixed. Reproducible: Always Steps to Reproduce: 1. set ipv6 use flag 2. set up ldap server to use ipv6 3. install sys-auth/nss_ldap-258 and preform getent passwd with a AAAA record Expected Results: nss_ldap should have support for ipv6 I consider this major because if there is an AAAA record for the ldap server along with an A record ldap fails to work. It may be a feature enhancement that is needed to fix it (adding ipv6 support). I will add notes for the maked nss_ldap ebuilds.
it seems that all version of nss_ldap do not support ipv6 in gentoo at the moment
I was stupid, I had an IP acl in my slapd.conf and that prevented me from preforming an auth. I can confirm that nss_ldap-258 works over ipv6
