Many thanks, Christopher. I'm on nslcd 0.7.2 right now. Definitely a place to start. Very appreciated.
Christopher Wood christopher_wood@pobox.com wrote:
http://ubuntuforums.org/showthread.php?t=1633524
http://lists.arthurdejong.org/nss-pam-ldapd-users/2011/msg00082.html
My fix was to "apt-get source nslcd" on a Debian Squeeze box, then use those files to build a new deb on Ubuntu and shove the result in my repository. Presto, working nslcd on Ubuntu 10.04.
On Wed, Sep 26, 2012 at 04:46:30PM -0400, Adam Wolfe wrote:
I'm having trouble keeping my servers connected to our openLDAP server.
All through syslog I see messages like this:
Sep 26 14:06:01 hostname nslcd[930]: [2aeb87] connected to LDAP server [1]ldaps://ldap.domain.com/ Sep 26 14:07:01 hostname nslcd[930]: [aae0a3] ldap_result() failed: Can't contact LDAP server Sep 26 14:07:01 hostname nslcd[930]: [74310e] ldap_result() failed: Can't contact LDAP server Sep 26 14:07:01 hostname nslcd[930]: [aae0a3] ldap_abandon() failed to abandon search: Other (e.g., implementation specific) error Sep 26 14:07:01 hostname nslcd[930]: [b2a65f] ldap_result() failed: Can't contact LDAP server Sep 26 14:07:01 hostname nslcd[930]: [b2a65f] ldap_abandon() failed to abandon search: Other (e.g., implementation specific) error Sep 26 14:07:01 hostname nslcd[930]: [74310e] ldap_abandon() failed to abandon search: Other (e.g., implementation specific) error Sep 26 14:07:01 hostname nslcd[930]: [73c9b8] ldap_result() failed: Can't contact LDAP server Sep 26 14:07:01 hostname nslcd[930]: [73c9b8] ldap_abandon() failed to abandon search: Other (e.g., implementation specific) error Sep 26 14:07:01 hostname nslcd[930]: [73c9b8] connected to LDAP server [2]ldaps://ldap.domain.com/
I'm at the point where I want to start blaming the server, but this is happening on all the new servers I am bringing up (Ubuntu 10.04) and not on the older servers (8.04). Everything seems fine and we can sudo and su with our ldap accounts and then out of no where "so-and-so is not in the sudoers file". A simple "id user" re-establishes the connection and all is well again for a while.
Has anyone else ran into this and finally, permanently made it work?
References
Visible links
- file:///tmp/ldaps:/ldap.domain.com/
- file:///tmp/ldaps:/ldap
Adam Wolfe wrote:
Many thanks, Christopher. I'm on nslcd 0.7.2 right now. Definitely a place to start. Very appreciated.
It's great that a solution was found, but that's off-topic for this list. nslcd has its own mailing list where you can obtain definitive answers. You should have asked there instead.
http://arthurdejong.org/nss-pam-ldapd/
Christopher Wood christopher_wood@pobox.com wrote:
http://ubuntuforums.org/showthread.php?t=1633524
http://lists.arthurdejong.org/nss-pam-ldapd-users/2011/msg00082.html
My fix was to "apt-get source nslcd" on a Debian Squeeze box, then use those files to build a new deb on Ubuntu and shove the result in my repository. Presto, working nslcd on Ubuntu 10.04.
On Wed, Sep 26, 2012 at 04:46:30PM -0400, Adam Wolfe wrote:
I'm having trouble keeping my servers connected to our openLDAP server. All through syslog I see messages like this: Sep 26 14:06:01 hostname nslcd[930]: [2aeb87] connected to LDAP server [1]ldaps://ldap.domain.com/
openldap-technical@openldap.org