nss_ldap and openldap on the same server.

Daniel Marsh jahilliya at gmail.com
Mon Mar 12 22:58:07 UTC 2007


On 3/12/07, Gerhard Schmidt <estartu at augusta.de> wrote:
>
> Hi,
>
> I have a small problem. On my central server we run an openldap server that
> contains the userdata for some systems. And the server uses this ldap
> server for authentication and nss. The problem is that when the server is
> booting, slapd takes a very long time to start up. I think it's trying to
> get an answer from ldap for the user ldap. But user ldap is in /etc/passwd
> and in /etc/groups.
>
> My nsswitch.conf looks like this.
>
> group: files ldap
> hosts: files dns
> networks: files
> passwd: files ldap
> shells: files
>
> The system comes up but takes very long to do so (I think it's some kind of
> timeout)
> Mar 12 14:58:23 phobos slapd[584]: nss_ldap: could not search LDAP server - Server is unavailable
>
> As I see it, nss asks all sources even if the first one already knows the
> answer. Is there a way to change this?
>

I've run into this very same problem... but the way I got around it was
putting OpenLDAP in a jail all by its lonesome and making sure that jail
would start before anything on the host system would start that may need
LDAP... (effectively meaning the LDAP server is a different "machine")

