LISTSERV - SCIENTIFIC-LINUX-USERS Archives

Based on my experience, the problem is your ldap failover config (host 
our.server.one our.server.two). Adding a failover host causes all sorts 
of bind timeout problems, we found this behaviour with SciLinux 4.x, 
CentOS and RHEL (ie. most likely orignates at padl.org and not TUV). We 
eventually removed our replicated ldap config and are looking at virtual 
servers for failover.

SciLinux 5.x ldap client uses "ldap://myldapserver" URI syntax instead 
of older "host myldapserver" keyword.

> Hello again.
> Thanks...
> 
> Here is:  cat /etc/ldap.conf | egrep -v "^#|^$"
> 
> host our.server.one our.server.two
> base o=AAAA,c=BBBB
> timelimit 120
> bind_timelimit 120
> bind_policy soft
> idle_timelimit 3600
> nss_initgroups_ignoreusers 
> root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
> ssl no
> tls_cacertdir /etc/openldap/cacerts
> pam_password md5
> 
> 
> I will search the forum entries more carefully and
> also look into: nss_ldap-253-13.el5_2.1
> I have: yum list nss_ldap: nss_ldap.i386 253-12.el5 installed

Chris Hunter

[log in to unmask]