Hi Team,
Seeking help or guidance on this issue.
we are using OpenLDAP 2.4.54 version on RHEL7.8 systems and these OpenLDAP servers are
using backend Microsoft AD URI to load the User POSIX info. Clients are using SSSD
software. On the client's side, we are seeing odd behavior of Group name.
it's failing to fetch Group name while logging in to the LDAP clients.
uid=1946***(balna**) gid=1478 groups=1478
we have to similar setup on two sites, One site is working fine and the second site is not
working sure where is the exact problem both the sites' OpenLDAP configuration is
intact and SSL certs are offloaded properly.
the only difference I see no of clients connections the working one having fewer client
around 25-30 in that site whereas non-working site OpenLDAP servers takes around 3K
clients connections, I am not sure if any there is additional tuning required based on no
of clients.
i also checked limits 4K values set for nproc/nofile and i did not see any issue with
limits.
we have a similar working two sites setup of 2.4.36 on RHEL6 servers for the same no of
clients and we are trying to migrate to RHEL7 with 2.4.54 version where we are seeing the
issue.
Can you please check and help us to see if similar kind of issue reported by any clients
or any tuning in required ?
Thanks
Narayanan
Linux Platform Engineering
500 Staples Drive, Framingham MA
Office: 508-253-6909 | Mobile: 508-333-4395
[signature_1767107679]