Samba and ldap troubles.
George Farris
farrisg at mala.bc.ca
Fri Sep 2 13:42:23 CDT 2005
On Fri, 2005-09-02 at 13:45 -0400, Scott J. Henson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Yes, this sounds like libnss-ldap being crappy. It happens whenever
> libnss cannot contact the ldap server. I would suggest not using
> libnss-ldap on your ldap servers. It would seem to me that there may be
> a race in there somewhere or a dead lock. Remove libnss-ldap from the
> ldap servers and I think your problems should be resolved.
>
> This should have nothing to do with the backend of choice. Its all
> about slapd using some libc function that somehow accesses nss, which
> then must poll ldap, but the ldap server is waiting on its original
> request to be fulfilled, which causes the lock. I'm not positive that
> this is what is happening, but it seems logical. Possibly you could use
> nscd to reduce the frequency of the locks, but I would think it would
> just delay the inevitable.
I'm wondering if the bind_policy and bind_timelimit would help here.
Also this may not per say be a development issue so I suppose I should
move this discussion off the devel list, however, if libnss-ldap is
having this problem due to possibly a libc issue and yes now that you
mention it I did see that in the debug log, would not pam_ldap also
experience that same thing?
--
George Farris farrisg at mala.bc.ca
Malaspina University-College
More information about the ubuntu-devel
mailing list