On Tue, 2013-01-29 at 07:52 +0100, Marcus Moeller wrote:
> The maximum number of objects that can be looked up on one query is 
> limited on AD side, here.

nslcd should automatically do paged attribute retrieval if required.

> > Do you know for which requests these messages are happening often (run
> > nslcd in debug mode to find out)?
> It happens when initgroups() is called which is on login, the first time.

Can you provide nslcd debug output? It could help pinpoint the issue.

On my system, on ssh login with a password prompt, there are nine getpwnam()
calls and two initgroups(), getspnam() and getpwuid() calls.

> sssd offers a parameter to prevent this behavior:
>      nss_getgrent_skipmembers yes

nslcd does this by default already when doing the initgroups() lookup
(but not when doing normal getgrnam() or setgrent() calls).

