Hello,
I'm testing RH 6 Openldap clients and I getting a lot of errors and poor performance while trying to login and also takes serveral minutes for a su - command to work. We are using SSL. I'm seeing plenty of "errors ldap_result() timed out" in the messages file and it also states that it can not contact either ldap server. I enabled root to temporarily ssh and that even takes up 2 minutes. Our RH 5 clients are having no issues. Does anyone know the fix?
Thanks
pam_ldap.conf :
base dc=x,dc=x,dc=x,dc=x uri ldaps://x ldaps://x tls_cacertdir /etc/openldap/cacerts pam_password md5 sudoers_base ou=SUDOers,dc=x,dc=x,dc=x,dc=x
nslcd.conf: uid nslcd gid ldap uri ldaps://x ldaps://x base dc=x,dc=x,dc=x,dc=x tls_cacertdir /etc/openldap/cacerts
Sotomayor, Vicente (ITD) wrote:
I'm testing RH 6 Openldap clients and I getting a lot of errors and poor performance while trying to login and also takes serveral minutes for a su
- command to work. We are using SSL.
Isn't the standard way on RHEL today to use sssd?
I'm seeing plenty of "errors ldap_result() timed out" in the messages file and it also states that it can not contact either ldap server. I enabled root to temporarily ssh and that even takes up 2 minutes. Our RH 5 clients are having no issues. Does anyone know the fix?
This can be anything. You have to examine that a bit closer. E.g. long connection startup times are often related to DNS timeouts.
Ciao, Michael.
On 05/02/2011 08:08 AM, Sotomayor, Vicente (ITD) wrote:
Hello,
I'm testing RH 6 Openldap clients and I getting a lot of errors and poor performance while trying to login and also takes serveral minutes for a su - command to work. We are using SSL. I'm seeing plenty of "errors ldap_result() timed out" in the messages file and it also states that it can not contact either ldap server. I enabled root to temporarily ssh and that even takes up 2 minutes. Our RH 5 clients are having no issues. Does anyone know the fix?
what version of openldap? rpm -qi openldap
Thanks
pam_ldap.conf :
base dc=x,dc=x,dc=x,dc=x uri ldaps://x ldaps://x tls_cacertdir /etc/openldap/cacerts pam_password md5 sudoers_base ou=SUDOers,dc=x,dc=x,dc=x,dc=x
nslcd.conf: uid nslcd gid ldap uri ldaps://x ldaps://x base dc=x,dc=x,dc=x,dc=x tls_cacertdir /etc/openldap/cacerts
openldap-technical@openldap.org
-
Michael Ströder -
Rich Megginson -
Sotomayor, Vicente (ITD)