All,
I have two 389-ds servers with MMR via TLS and client hosts authenticating
via TLS. I see this error message in all client machines in
/var/log/messages. It seems nscd is failing at random intervals. Has anyone
seen this before?
Dec 29 10:35:35 dmc189 nscd: nss_ldap: could not search LDAP server - Server
is unavailable
Dec 29 11:00:21 dmc189 nscd: nss_ldap: could not search LDAP server - Server
is unavailable
Dec 29 11:12:15 dmc189 nscd: nss_ldap: could not search LDAP server - Server
is unavailable
Steps Taken:
1. start/stop/restart nscd.
2. ldapsearch works fine
3. Turned ON nscd.log (no useful info found)
4. URI in ldap.conf and CN on server-cer is same.
Possible causes:
In /etc/ldap.conf
:
nss_initgroups_ignoreusers
root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
.
Is this config correct?
/etc/nscd.conf looks like this
logfile /var/log/nscd.log
# threads 6
# max-threads 128
server-user nscd
# stat-user nocpulse
debug-level 10
# reload-count 5
paranoia no
# restart-interval 3600
enable-cache passwd yes
positive-time-to-live passwd 600
negative-time-to-live passwd 20
suggested-size passwd 211
check-files passwd yes
persistent passwd yes
shared passwd yes
max-db-size passwd 33554432
auto-propagate passwd yes
enable-cache group yes
positive-time-to-live group 3600
negative-time-to-live group 60
suggested-size group 211
check-files group yes
persistent group yes
shared group yes
max-db-size group 33554432
auto-propagate group yes
enable-cache hosts yes
positive-time-to-live hosts 3600
negative-time-to-live hosts 20
suggested-size hosts 211
check-files hosts yes
persistent hosts yes
shared hosts yes
max-db-size hosts 33554432
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20091229/30769361/attachment.html
