Re: nslcd starts failing logins after about an hour.

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: "Jason J. W. Williams" <jasonjwwilliams [at] gmail.com>
To: "Sotomayor, Vicente (ITD)" <vicente.sotomayor [at] state.ma.us>
Cc: "nss-pam-ldapd-users [at] lists.arthurdejong.org" <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: nslcd starts failing logins after about an hour.
Date: Wed, 11 May 2011 13:09:29 -0600

Hi Vicente,

Yeah it can. If it couldn't I'd expect it to be failing all the time also.

-J

On Wed, May 11, 2011 at 12:55 PM, Sotomayor, Vicente (ITD)
<vicente.sotomayor@state.ma.us> wrote:
> Jason,
>
> This may or may not help, but confirm that the troubled client can resolve 
> your LDAP servers via DNS.
> ________________________________________
> From: 
> nss-pam-ldapd-users-bounces+vicente.sotomayor=state.ma.us@lists.arthurdejong.org
>  
> [nss-pam-ldapd-users-bounces+vicente.sotomayor=state.ma.us@lists.arthurdejong.org]
>  On Behalf Of Jason J. W. Williams [jasonjwwilliams@gmail.com]
> Sent: Wednesday, May 11, 2011 2:44 PM
> To: nss-pam-ldapd-users@lists.arthurdejong.org
> Subject: nslcd starts failing logins after about an hour.
>
> We've been testing moving over to pam-ldapd from pam-ldap but have run
> into an interesting problem. We set up two hosts, one in the same
> datacenter as the LDAP servers, and the other in another datacenter
> about 500 miles away (latency is about 16ms). They're communicating
> via LDAPS over port 636, and the servers are running OpenDJ 2.4.1.
>
> The host in the same datacenter as the LDAP servers has no issues.
> Immediately after starting nslcd the host in the remote data center
> also has no issues with logins, however after about an hour LDAP
> logins fail. The only way to get LDAP logins working again on the
> remote host is to restart nslcd. Other than the distance from the LDAP
> server, the only other difference with the remote host is that it only
> has one LDAP server listed in its config whereas the local host has
> both LDAP servers listed.
>
> The logs from nslcd during the login failures show some of the look
> ups succeeding and some timing out: https://gist.github.com/967015
>
> Any help in resolving this would be greatly appreciated.
>
> -J
> --
> To unsubscribe send an email to
> nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
> http://lists.arthurdejong.org/nss-pam-ldapd-users
> --
> To unsubscribe send an email to
> nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
> http://lists.arthurdejong.org/nss-pam-ldapd-users
>
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

Re: nslcd starts failing logins after about an hour., (continued)
- RE: nslcd starts failing logins after about an hour., Sotomayor, Vicente (ITD)
  - Re: nslcd starts failing logins after about an hour., Jason J. W. Williams

Prev by Date: RE: nslcd starts failing logins after about an hour.
Next by Date: Re: nslcd starts failing logins after about an hour.
Previous by thread: RE: nslcd starts failing logins after about an hour.
Next by thread: Red Hat Enterprise 6 nslcd time out issue