Re: [nssldap] Re: disconnected nss_ldap
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: [nssldap] Re: disconnected nss_ldap
- From: Howard Chu <hyc [at] highlandsun.com>
- To: "Brian J. Murrell" <brian [at] interlinx.bc.ca>
- Cc: nssldap [at] padl.com
- Subject: Re: [nssldap] Re: disconnected nss_ldap
- Date: Sun, 01 Nov 2009 18:01:13 -0800
Brian J. Murrell wrote:
> I got it to build and install without much ado.
>
> Unfortunately, it doesn't seem to do much better than we had before.
>
> I am using an iptables rule (which sends back a TCP RST to existing and
> new connection attempts) at my ldap server to simulate disconnection.
>
> For a short while after "disconnection" "id brian" returns a result, but
> as before, not very long after disconnection it starts failing.
>
> What can I do to help narrow this down?
You're chasing a dead-end. Even if you get this aspect working, nscd still
doesn't cache enumerations, which are the most expensive nss lookup operation.
(e.g., an unqualified "getent" call). nscd is broken by design.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
[nssldap] Re: disconnected nss_ldap,
Brian J. Murrell