RSS feed

Re: Losing users & groups from Active Directory 2008r2

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Losing users & groups from Active Directory 2008r2

On Fri, 2010-07-09 at 22:04 +0200, Emmanuel Lesouef (CRBN) wrote:
> All the DC were upgraded to Windows 2008r2 last month and now, if I start
> nss-ldapd, I have all my users & groups. If no restart of nslcd is done
> for some hours, nslcd seems to lose the users and groups and no SSH connection
> (for example) are possible. Even if a logged in and idle user issues a
> "getent passwd", the getent process seems to hang and finally times out,
> leaving no active directory users displayed.

Is there anything in the logs? It could be a timeout issue. Perhaps
connections are timed out in some way and the loss of connection is not
properly recognized.

You can use the idle_timelimit option to allow nslcd to close the
connection if it hasn't been used in a while.

I would still like to know if there is anything in the logs. Also you
could run nslcd with the -d option to make it log debugging information
to stderr (this is especially interesting at the time of the hang).

Hope this helps.

-- arthur - - --
To unsubscribe send an email to or see