Re: nslcd errors talking to IPVS cluster of LDAP servers

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Ken Gaillot <kjgaillo [at] gleim.com>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: nslcd errors talking to IPVS cluster of LDAP servers
Date: Mon, 18 Oct 2010 14:26:21 -0400

Ken Gaillot wrote:

Arthur de Jong wrote:
Can you provide some more debugging info for when this happens? You can
run nslcd with the -d option which causes debugging info to be sent to
stderr.
Quite interesting: When I stop nscd and run "nslcd -d", I don't geterrors; but when I turn nscd back on, I do.

...

So it appears the issue might actually be related to nscd, or aninteraction of nscd and nslcd. I'll try running without nscd for a weekor so and see whether we get any further problems.

After turning off nscd, the error messages initially went away butreturned after a few days. I turned nslcd debugging output back on(leaving nscd off); here's an example:


nslcd: [55bac3] DEBUG: connection from pid=21724 uid=0 gid=0
nslcd: [55bac3] DEBUG: nslcd_group_bymember(kjgaillo)

nslcd: [55bac3] DEBUG: myldap_search(base="cn=Accounts,dc=gleim,dc=com",filter="(&(objectClass=posixAccount)(uid=kjgaillo))")

nslcd: [55bac3] ldap_result() failed: Can't contact LDAP server

nslcd: [55bac3] ldap_abandon() failed to abandon search: Other (e.g.,implementation specific) error

nslcd: [55bac3] DEBUG: myldap_get_entry(): retry search
nslcd: [55bac3] DEBUG: simple anonymous bind to ldap://ldap.teamgleim.com
nslcd: [55bac3] connected to LDAP server ldap://ldap.teamgleim.com

nslcd: [55bac3] DEBUG:myldap_search(base="ou=groups,dc=adonis,dc=shells,dc=gleim,dc=com",filter="(&(objectClass=posixGroup)(|(memberUid=kjgaillo)(uniqueMember=uid=kjgaillo,cn=Accounts,dc=gleim,dc=com)))")

nslcd: [55bac3] DEBUG: ldap_result(): end of results

It does seem that the reconnect always succeeds now, and I haven't seenmy original symptom (osiris reporting LDAP user accounts disappearing),so perhaps this is a lesser issue when nscd is off.


-- Ken Gaillot <kjgaillo@gleim.com>
Network Operations Center, Gleim Publications
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

nslcd errors talking to IPVS cluster of LDAP servers, Ken Gaillot
- Re: nslcd errors talking to IPVS cluster of LDAP servers, Arthur de Jong
  - Re: nslcd errors talking to IPVS cluster of LDAP servers, Ken Gaillot
  - Re: nslcd errors talking to IPVS cluster of LDAP servers, Ken Gaillot
    - Re: nslcd errors talking to IPVS cluster of LDAP servers, Ken Gaillot

Prev by Date: Re: nslcd errors talking to IPVS cluster of LDAP servers
Next by Date: Re: nslcd errors talking to IPVS cluster of LDAP servers
Previous by thread: Re: nslcd errors talking to IPVS cluster of LDAP servers
Next by thread: Re: nslcd errors talking to IPVS cluster of LDAP servers