Re: nslcd and ubuntu 10.04
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: nslcd and ubuntu 10.04
- From: Adam Wolfe <kadamwolfe [at] gmail.com>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: nslcd and ubuntu 10.04
- Date: Thu, 27 Sep 2012 10:36:27 -0400
Hah. Thanks again, Christopher. I appreciate the help. Seems like a 0.7.13 with an adjusted idle_timelimit is the way to go so far. You happen to know if there's an easy way to package this for 10.04? I'm thinking about simply copying the .debs to my local apt-mirror, maybe even replacing the current ones for 0.7.2, might be easiest.
On 09/27/2012 10:21 AM, Christopher Wood wrote:
Oh, you're a familiar face. ;) I use: idle_timelimit 30 If your sockets cross a firewall then you may also be seeing the firewall timing out on inactive sockets. I found that in my environment, occasionally an ldap lookup would simply fail for no apparent reason. Every manual test succeeded, but intermittently automated tests would fail. I personally wrote it off to a gremlin that we have neither time nor personnel to chase, and banned nscd in case of cached negative result. In my case with 0.7.13 I left it sitting on some lab hosts with the above idle_timelimit for a week and wasn't able to reproduce my prior issue. On Thu, Sep 27, 2012 at 09:39:02AM -0400, Adam Wolfe wrote:Greetings, I was curious if anyone had written a guide or had (successful) experience getting ldap over ssl/tls working on ubuntu 10.04 using nslcd/libnss-ldapd. I'm having trouble where nslcd starts failing to connect to the ldap server after a few hours. Restarting nslcd or simply "id"ing an ldap user fixes the issue temporarily. I've read that version 0.7.2 is known to be buggy, despite being the version in the ubuntu repos. I've installed 0.7.13 from the ubuntu 10.10 repos, but I'm still seeing failed connections in syslog. Recently I've adjusted the idle_timelimit to 1sec in nslcd.conf. Seems steady so far, but it's only been a few minutes (failed connections typically start within 2min). I have about 100 servers to migrate from 8.04 to 10.04 early next year. So I'm looking for some advice/direction if anyone else has been in a similar situation and found a permanent fix. -- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see http://lists.arthurdejong.org/nss-pam-ldapd-users/
-- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see http://lists.arthurdejong.org/nss-pam-ldapd-users/
- nslcd and ubuntu 10.04,
Adam Wolfe
- Re: nslcd and ubuntu 10.04,
Christopher Wood
- Re: nslcd and ubuntu 10.04, Adam Wolfe
- Re: nslcd and ubuntu 10.04,
Christopher Wood
- Re: nslcd and ubuntu 10.04,
Adam Wolfe
- Re: nslcd and ubuntu 10.04,
Arthur de Jong
- Re: nslcd and ubuntu 10.04, Adam Wolfe
- Re: nslcd and ubuntu 10.04,
Arthur de Jong
- Re: nslcd and ubuntu 10.04,
Adam Wolfe
- Re: nslcd and ubuntu 10.04,
Christopher Wood
- Prev by Date: Re: nslcd and ubuntu 10.04
- Next by Date: Re: nslcd and ubuntu 10.04
- Previous by thread: Re: nslcd and ubuntu 10.04
- Next by thread: Re: nslcd and ubuntu 10.04