Hello all,
I'm going mad with this problem. Suddenly and without doing any modification 2 particular users cannot bind on slave ldap.
Example:
root@slaveldap:~# id user1
id: psamara: No such user
root@slaveldap:~# id user2
id: idanias: No such user
root@slaveldap:~# id stelios
uid=1000(stelios) gid=100(users) groups=100(users)
root@slaveldap:~#
The above commands run fine on the master ldap server. Doing a search on slaveldap finds both user1 and user2. Because of the above lookup problem I cannot send emails to those 2 users as I'm getting the following error from the email server which is running on the same machine.
Requested action not taken: mailbox unavailable 550 5.1.1 user1@mydomain.com: Recipient address rejected: User unknown in local recipient table
I have no clue what is going on and how to solve it. I also tried to delete and re-create the users but with the same results.
Any ideas?
Thanks a lot
On Tuesday 19 August 2008 15:26:06 Stelios A. wrote:
> Hello all,
> I'm going mad with this problem. Suddenly and without doing any modification 2 particular users cannot bind on slave ldap.
> Example:
> root@slaveldap:~# id user1
> id: psamara: No such user
> root@slaveldap:~# id user2
> id: idanias: No such user
> root@slaveldap:~# id stelios
> uid=1000(stelios) gid=100(users) groups=100(users)
> root@slaveldap:~#
> The above commands run fine on the master ldap server. Doing a search on slaveldap finds both user1 and user2.
As far as I can tell, this has nothing to do with OpenLDAP, but rather nss_ldap and/or nscd.
You don't provide many details on your environment.
Are you running nscd on the slaveldap server? Does 'nscd -i passwd' help? Does stopping nscd help?
Regards, Buchan
Hi Buchan,
nscd is running, but the same problem exists no matter if nscd is running. nscd -i passwd didn't do anything to help, same problem.
As long as I use the master ldap in /etc/ldap.conf (Ubuntu, openldap 2.4.9) everything is working fine. DB is identical on both as I double checked this. Sync is working fine too on both. The problem appears only with those 2 users.
Let me know what else I need to post in order to help troubleshooting.
Thanks a lot
On Tuesday 19 August 2008 08:26:06 Stelios A. wrote:
> Hello all,
> I'm going mad with this problem. Suddenly and without doing any modification 2 particular users cannot bind on slave ldap.
> Example:
> root@slaveldap:~# id user1
> id: psamara: No such user
> root@slaveldap:~# id user2
> id: idanias: No such user
> root@slaveldap:~# id stelios
> uid=1000(stelios) gid=100(users) groups=100(users)
> root@slaveldap:~#
Well, this is not the best way to test and check if your ldap server is giving the data.
You should try with ldapsearch, for example:
$ ldapsearch -b "dc=domain,dc=com" -D "cn=root,dc=domain,dc=com" -W uid=user1
> The above commands run fine on the master ldap server. Doing a search on slaveldap finds both user1 and user2. Because of the above lookup problem I cannot send emails to those 2 users as I'm getting the following error from the email server which is running on the same machine.
This is directly related to NSS_LDAP. You should try to debug nss_ldap and the ldap server: increase debug at the server side and watch if your nss_ldap is doing the right query.
> Requested action not taken: mailbox unavailable 550 5.1.1 user1@mydomain.com: Recipient address rejected: User unknown in local recipient table
> I have no clue what is going on and how to solve it. I also tried to delete and re-create the users but with the same results.
> Any ideas?
> Thanks a lot
openldap-technical@openldap.org
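An added example, not part of any message in the thread: a shell sketch that compares what the directory returns for the query an NSS client makes with what NSS itself resolves. It assumes the RFC 2307 passwd filter and an anonymous simple bind (a search as the rootdn bypasses ACLs, so it can succeed where the client's own bind sees nothing); the function names and the sample entry are constructed for illustration.

```shell
#!/bin/sh
# Added example: diagnose "ldapsearch finds the user but id/getent does not".
# Assumption: the NSS client looks users up with the RFC 2307 filter below and
# binds anonymously unless a binddn is configured in /etc/ldap.conf.

# Filter for a getpwnam()-style lookup of one user.
nss_filter() {
    printf '(&(objectClass=posixAccount)(uid=%s))' "$1"
}

# Read one LDIF entry on stdin; print each attribute RFC 2307 requires of a
# posixAccount that is absent (not stored, or not readable by this identity).
missing_posix_attrs() {
    ldif=$(cat)
    for attr in cn uid uidNumber gidNumber homeDirectory; do
        printf '%s\n' "$ldif" | grep -qi "^${attr}:" || printf '%s\n' "$attr"
    done
}

# Compare the directory's answer with the NSS answer on this host.
# Usage: check_user URI BASE USER
check_user() {
    uri=$1 base=$2 user=$3
    entry=$(ldapsearch -x -LLL -H "$uri" -b "$base" "$(nss_filter "$user")" \
            cn uid uidNumber gidNumber homeDirectory loginShell)
    if [ -z "$entry" ]; then
        echo "$user: nothing returned for the NSS filter on $uri (objectClass or ACL?)"
        return 1
    fi
    missing=$(printf '%s\n' "$entry" | missing_posix_attrs)
    if [ -n "$missing" ]; then
        echo "$user: attributes missing on $uri:" $missing
        return 1
    fi
    getent passwd "$user" >/dev/null || { echo "$user: in LDAP but not in NSS"; return 1; }
    echo "$user: ok"
}

# Constructed sample entry: the uid is readable but the numeric ids are not.
SAMPLE_LDIF='dn: uid=user1,ou=People,dc=domain,dc=com
cn: User One
uid: user1
homeDirectory: /home/user1'
printf '%s\n' "$SAMPLE_LDIF" | missing_posix_attrs   # prints uidNumber, gidNumber
```

Running check_user once against the master URI and once against the slave URI, for a failing user and a working one, shows on which server and at which layer the two answers diverge.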