SCIENTIFIC-LINUX-USERS Archives

September 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

From: Robert Burch
Date: Tue, 2 Sep 2008 14:52:54 -0500

Hello again.
Thanks...

Here is:  cat /etc/ldap.conf | egrep -v "^#|^$"

host our.server.one our.server.two
base o=AAAA,c=BBBB
timelimit 120
bind_timelimit 120
bind_policy soft
idle_timelimit 3600
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5


I will search the forum entries more carefully and
also look into: nss_ldap-253-13.el5_2.1
I have: yum list nss_ldap: nss_ldap.i386 253-12.el5 installed

Thanks

Robert

Jon Peatfield wrote:
> On Tue, 2 Sep 2008, Robert Burch wrote:
> 
>> Hi,
>> Has anyone seen this behavior in SL 5.2?
>>
>> On boot, we get multiple udevd: nss_ldap failed to bind to LDAP errors.
>> udevd tries repeatedly (every 4,8,26,32, & 64 sec.s for about 20 
>> mins.) to connect and then claim our ldap server can not be reached, 
>> then boots fine. It appears that udevd is trying to contact our ldap 
>> servers before the network is brought up. If I disable ldap, the 
>> server boots fine. I have set the ldap reconnect policy 
>> (/etc/ldap.conf: bind_policy) to soft for the time being and it boots 
>> fine after udevd times out a few times.
> 
> There were similar sounding reports back in May, and most turned out to 
> be related to changes to how /etc/ldap.conf was being parsed.  If this 
> machine was updated then it might be that your previously working 
> settings now need to be changed to work - this was most often reported 
> for ldaps setups.
> 
>> How can I fix udev/ldap timeout problem we have?
> 
> I seem to remember that when udev is starting up it needs to do user or 
> group lookups though I can't remember the details or if there was some 
> change to hack things so it didn't need network access for its lookups...
> 
>> Do I have something wrong in my nsswitch.conf?
>>
>> Thanks,
>> Robert
>>
>> uname -a
>> Linux our.server.edu 2.6.18-92.1.10.el5PAE #1 SMP Mon Aug 4 14:56:48 
>> EDT 2008 i686 i686 i386 GNU/Linux
>>
>> udev.i386   095-14.16.el5
>>
>> openldap-2.3.27-8.el5_2.4.i386
>>
>> cat /etc/nsswitch.conf  | egrep -v "^#|^$"
>> passwd:     files ldap
>> shadow:     files ldap
>> group:      files ldap
>> hosts:      files dns
>> bootparams: nisplus [NOTFOUND=return] files
>> ethers:     files
>> netmasks:   files
>> networks:   files
>> protocols:  files
>> rpc:        files
>> services:   files
>> netgroup:   files ldap
>> publickey:  nisplus
>> automount:  files ldap
>> aliases:    files nisplus
> 
> It may be worth including your ldap.conf file too just in case that 
> rings any bells for anyone...
> 
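
A check related to the user and group lookups mentioned in the reply above, added here as an example and not part of either message: it lists the OWNER=/GROUP= names in udev rules that are missing from the local passwd and group files, which with the posted `files ldap` order are the names that fall through to LDAP. It assumes the lookups come from names in the rules files and that the rules live in /etc/udev/rules.d; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. With "passwd: files ldap" and
# "group: files ldap" in nsswitch.conf, any name that is absent from the
# local files is passed on to nss_ldap, even before the network is up.
#
# Usage: report /etc/udev/rules.d /etc/passwd /etc/group

# udev_names KEY RULES_DIR -> unique names assigned to KEY (OWNER or GROUP)
udev_names() {
    # Drop comment lines, then pull KEY="value" / KEY:="value" assignments.
    grep -hv '^[[:space:]]*#' "$2"/*.rules 2>/dev/null |
        grep -oE "(^|[^A-Z_])$1:?=\"[^\"]+\"" |
        sed 's/.*="\([^"]*\)"/\1/' |
        # Numeric ids need no name lookup; %x / $x values are substitutions.
        grep -vE '^[0-9]+$|[%$]' |
        sort -u
}

# non_local KEY RULES_DIR DBFILE -> names with no entry in DBFILE
non_local() {
    udev_names "$1" "$2" | while read -r name; do
        # Exact match on the first colon-separated field (the account name).
        awk -F: -v n="$name" '$1 == n { found = 1 } END { exit !found }' "$3" ||
            echo "$name"
    done
}

# report RULES_DIR PASSWD_FILE GROUP_FILE -> "user NAME" / "group NAME" lines
report() {
    non_local OWNER "$1" "$2" | sed 's/^/user /'
    non_local GROUP "$1" "$3" | sed 's/^/group /'
}
```

Names it prints can be added to the local files so the `files` source answers first; an empty report means the rules are not what is triggering the LDAP lookups.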
