Strange problem with NSS_LDAP in Solaris 9

From: Luiz Alfredo Baggiotto (luiz_at_pucrs.br)
Date: 02/23/05

  • Next message: Karyn Williams: "Script help with read" 
    Date: Wed, 23 Feb 2005 14:43:04 -0300
To: <sunmanagers@sunmanagers.org>

    Dear all

    I4m installing a OpenLDAP in one Solaris 9 server. Everything seems to work
    ok, but I realized a strange behavior. The slapd daemon initializes too slowly
    (approximately 1 minute) and generate this error log:

    Feb 23 13:58:41 arrakis slapd[1989]: [ID 702911 local4.debug] @(#) $OpenLDAP:
    slapd 2.2.23 (Jan 26 2005 15:39:22) $
    Feb 23 13:58:41 arrakis
    @arrakis:/root/adm/soft/openldap-2.2.23/servers/slapd
    Feb 23 13:58:41 arrakis slapd[1989]: [ID 982204 local4.info] nss_ldap:
    reconnecting to LDAP server...
    Feb 23 13:58:41 arrakis last message repeated 1 time
    Feb 23 13:58:41 arrakis slapd[1989]: [ID 582712 local4.info] nss_ldap:
    reconnecting to LDAP server (sleeping 4 seconds)...
    Feb 23 13:58:45 arrakis slapd[1989]: [ID 582712 local4.info] nss_ldap:
    reconnecting to LDAP server (sleeping 8 seconds)...
    Feb 23 13:58:53 arrakis slapd[1989]: [ID 582712 local4.info] nss_ldap:
    reconnecting to LDAP server (sleeping 16 seconds)...
    Feb 23 13:59:09 arrakis slapd[1989]: [ID 582712 local4.info] nss_ldap:
    reconnecting to LDAP server (sleeping 32 seconds)...
    Feb 23 13:59:41 arrakis slapd[1989]: [ID 305409 local4.error] nss_ldap: could
    not hard reconnect to LDAP server - Server is unavai
    lable
    Feb 23 13:59:41 arrakis slapd[1989]: [ID 592912 local4.debug]
    bdb_back_initialize: Sleepycat Software: Berkeley DB 4.3.27: (Decemb
    er 22, 2004)
    Feb 23 13:59:41 arrakis slapd[1989]: [ID 178880 local4.debug] bdb_db_init:
    Initializing BDB database
    Feb 23 13:59:41 arrakis slapd[1990]: [ID 100111 local4.debug] slapd starting

    The command line is:

    /usr/local/libexec/slapd -u ldap -g ldap -h ldaps:/// ldap:///

    The user and group 'ldap' are locally stored:

    # grep ldap /etc/passwd
    ldap:x:30:30:LDAP User:/var/empty:/bin/false
    # grep ldap /etc/group
    ldap::30:ldap
    #

    Well, when I initialize the service with the 'root' user (
    /usr/local/libexec/slapd -h ldaps:/// ldap:/// ), the problem not occurs, but
    it4s not very good.
    I tried to change some parameters and has discovered that when I have in
    /etc/nsswitch.conf the key 'group:' without the ldap parameter, the
    initialization is normal.
    That is, the problem isn4t happening when in /etc/nsswitch.conf I have:

    Group: files

    After the daemon initializes, I can change this line to

    Group: files ldap

    And everything works very good. But if /etc/nsswich.conf is configured in this
    form, occurs the initialization problem.
    Has anyone some idea about it?
    Thanks in advance

    Luiz
    _______________________________________________
    sunmanagers mailing list
    sunmanagers@sunmanagers.org
    http://www.sunmanagers.org/mailman/listinfo/sunmanagers

  • Next message: Karyn Williams: "Script help with read"

    Relevant Pages

    • Re: Does samba 3.0.14Aa on OS 5.0.6 work with ldapsam backend on another LDAP server?
      ... used 3.0.9 on SCO 5.0.6 for quite some time after suffering problems I ... a RedHat4 box running samba 3.0.10 and OpenLDAP 2.2.13. ... and no LDAP server (although there were the ... share on the SCO server without any smbpasswd on that server! ...
      (comp.unix.sco.misc)
    • RE: LDAP & Find People not working
      ... need to refer to the KB article below to know how to use LDAP: ... | Yes, the scanner is on the local area network, so as you indicated below, ... | So I wonder why the scanner does not see the LDAP server. ...
      (microsoft.public.windows.server.sbs)
    • slapd - slow starting
      ... contact LDAP server ... then slapd started fine but I without ldap in nsswitch.conf I cant ... # The user ID attribute (defaults to uid) ... # SSL enabled. ...
      (freebsd-stable)
    • Re: Configuring LDAP on Entourage 2004 OS X
      ... On the SBS server box, open Server Management console, navigate to ... by companies that are independent of Microsoft. ... Configuring LDAP on Entourage 2004 OS X ...
      (microsoft.public.windows.server.sbs)
    • Re: Antw: Re: LDAP Authentication Problem
      ... TLSv1 und wird auf einen SSL Client Hello Request mit TLSv1 nicht ... antworten anstatt ein SSLv3 Server Hello. ... the LDAP PAM module and the shadow package. ...
      (de.comp.sys.novell)