We've been running fall over host on all our SL5 and RHEL4 for a while now. It's all gone well apart from that SSL problem a few months ago. Chris Hunter wrote: > Based on my experience, the problem is your ldap failover config (host > our.server.one our.server.two). Adding a failover host causes all sorts > of bind timeout problems, we found this behaviour with SciLinux 4.x, > CentOS and RHEL (ie. most likely orignates at padl.org and not TUV). We > eventually removed our replicated ldap config and are looking at virtual > servers for failover. > > SciLinux 5.x ldap client uses "ldap://myldapserver" URI syntax instead > of older "host myldapserver" keyword. > >> Hello again. >> Thanks... >> >> Here is: cat /etc/ldap.conf | egrep -v "^#|^$" >> >> host our.server.one our.server.two >> base o=AAAA,c=BBBB >> timelimit 120 >> bind_timelimit 120 >> bind_policy soft >> idle_timelimit 3600 >> nss_initgroups_ignoreusers >> root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman >> ssl no >> tls_cacertdir /etc/openldap/cacerts >> pam_password md5 >> >> >> I will search the forum entries more carefully and >> also look into: nss_ldap-253-13.el5_2.1 >> I have: yum list nss_ldap: nss_ldap.i386 253-12.el5 installed > > Chris Hunter > > [log in to unmask] > -- --------------------------------------------------------- Faye Gibbins, Computing Officer (Infrastructure Services) GeoS KB; Linux, Unix, Security and Networks. Beekeeper - The Apiary Project, KB - www.bees.ed.ac.uk --------------------------------------------------------- I grabbed at spannungsbogen before I knew I wanted it. The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.