Re: Losing users & groups from Active Directory 2008r2

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Losing users & groups from Active Directory 2008r2
Date: Sat, 10 Jul 2010 00:26:32 +0200

On Fri, 2010-07-09 at 22:04 +0200, Emmanuel Lesouef (CRBN) wrote:
> All the DC were upgraded to Windows 2008r2 last month and now, if I start
> nss-ldapd, I have all my users & groups. If no restart of nslcd is done
> for some hours, nslcd seems to lose the users and groups and no SSH connection
> (for example) are possible. Even if a logged in and idle user issues a
> "getent passwd", the getent process seems to hang and finally times out,
> leaving no active directory users displayed.

Is there anything in the logs? It could be a timeout issue. Perhaps
connections are timed out in some way and the loss of connection is not
properly recognized.

You can use the idle_timelimit option to allow nslcd to close the
connection if it hasn't been used in a while.

I would still like to know if there is anything in the logs. Also you
could run nslcd with the -d option to make it log debugging information
to stderr (this is especially interesting at the time of the hang).

Hope this helps.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

Losing users & groups from Active Directory 2008r2, Emmanuel Lesouef (CRBN)
- Re: Losing users & groups from Active Directory 2008r2, Arthur de Jong

Prev by Date: Losing users & groups from Active Directory 2008r2
Next by Date: Re: Losing users & groups from Active Directory 2008r2
Previous by thread: Losing users & groups from Active Directory 2008r2
Next by thread: Re: Losing users & groups from Active Directory 2008r2