nss_ldap problem
Dmitriy Kirhlarov
dimma at higis.ru
Mon Mar 6 07:41:11 UTC 2006
On Sat, Mar 04, 2006 at 02:29:44PM -0500, David Magda wrote:
>
> On Mar 4, 2006, at 04:04, Frode Nordahl wrote:
>
> >>/etc/nsswitch.conf
> >>group: ldap files
> >>hosts: files dns
> >>networks: files
> >>passwd: ldap files
> >>shells: files
> >>imap: ldap
> >
> >Why do you have "ldap" first? I would use "files ldap" in any case so local changes
> >can override the directory.
>
> And if there's an issue with the network, things will slow down to a crawl when the
> system is waiting for the LDAP server to respond (which it won't, so you're waiting
> for the time out to occur).
Using this params in /usr/local/etc/{nss_,}ldap.conf can help:
bind_timelimit 4
bind_policy soft
idle_timelimit 8
WBR
--
Dmitriy Kirhlarov
OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia
P:+7 495 105 7247 ext.203 F:+7 495 105 7246 E:DmitriyKirhlarov at oilspace.com
OILspace - The resource enriched - www.oilspace.com
More information about the freebsd-stable
mailing list