SCIENTIFIC-LINUX-USERS Archives

September 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From: Chris Hunter <[log in to unmask]>
Reply To: Chris Hunter <[log in to unmask]>
Date: Wed, 3 Sep 2008 15:05:31 -0400
Content-Type: text/plain
Parts/Attachments: text/plain (36 lines)

Based on my experience, the problem is your ldap failover config (host
our.server.one our.server.two). Adding a failover host causes all sorts
of bind timeout problems; we found this behaviour with SciLinux 4.x,
CentOS and RHEL (i.e. most likely originates at padl.org and not TUV). We
eventually removed our replicated ldap config and are looking at virtual
servers for failover.

SciLinux 5.x ldap client uses "ldap://myldapserver" URI syntax instead 
of older "host myldapserver" keyword.

> Hello again.
> Thanks...
> 
> Here is:  cat /etc/ldap.conf | egrep -v "^#|^$"
> 
> host our.server.one our.server.two
> base o=AAAA,c=BBBB
> timelimit 120
> bind_timelimit 120
> bind_policy soft
> idle_timelimit 3600
> nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
> ssl no
> tls_cacertdir /etc/openldap/cacerts
> pam_password md5
> 
> 
> I will search the forum entries more carefully and
> also look into: nss_ldap-253-13.el5_2.1
> I have: yum list nss_ldap: nss_ldap.i386 253-12.el5 installed

Chris Hunter

[log in to unmask]
