Using [Open]LDAP for authentication
Dominique Goncalves
dominique.goncalves at gmail.com
Tue Jan 24 14:48:18 PST 2006
On 1/24/06, David F. Severski <davidski at deadheaven.com> wrote:
> On Fri, Jan 20, 2006 at 02:01:49PM -0600, Dan Nelson wrote:
> > Two, something is calling nanosleep. It's probably nss_ldap, which
> > looks like if it can't contact any of the configured ldap servers,
> > waits 4 seconds, then retries, doubling the wait period every time
> > until 64 seconds have elapsed, then it fails. Try putting
> >
> > nss_reconnect_tries 0
> > nss_reconnect_maxconntries 0
> >
> > in your /usr/local/etc/nss_ldap.conf file.
>
> I've been struggling with similar issues where slapd seems to hang at
> startup when using nss_ldap on the local system (all system accounts and
> groups are local, yet the group enumeration seems to cause the hang).
> Are these two settings documented anywhere for reference? I'm trying to
> understand how this interact with 'bind_policy soft', which I've also
> seen recommended. The nss_* settings don't seem documented in the stock
> nss_ldap.conf.sample file.
After some tests, using nss_ldap-1.389 instead of nss_ldap-1.444 seems
to solve hangs at startup and when slapd is down.
Can you try nss_ldap-1.389 thanks to portdowngrade if these hangs are
still here ?
> Thanks for the help.
>
> David
>
>
>
Regards.
--
There's this old saying: "Give a man a fish, feed him for a day. Teach
a man to fish, feed him for life."
More information about the freebsd-stable
mailing list