Re: nss_ldap failed to bind to LDAP server 127.0.0.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Tue, 2008-02-19 at 14:09 -0800, Hugh E Cruickshank wrote:
> Hi All:
> 
> Over the weekend I install all the outstanding updates for our
> CentOS 4 based server. Since I had been holding off on these until
> I had addressed some disk space issues there were a large number
> (300+). I know my bad! After installing the updates I rebooted the
> system and it took forever to boot and once up there were problems
> connecting to some of our SAMBA shares. I checked the messages log
> file and found a multitude of entries similar to:
> 
>   Feb 17 19:46:18 fisds0 named[23187]: nss_ldap: failed to bind to
>   LDAP server 127.0.0.1: Can't contact LDAP server
>   Feb 17 19:46:18 fisds0 named[23187]: nss_ldap: reconnecting to
>   LDAP server...
> 
> These were being reported for named, nscd, smbd, statd, rquotad, etc.
> 
> I did some google searching and found some references to the change of
> the default value for the "bind_policy" parameter in the "ldap.conf"
> file from "soft" to "hard". I added and explicit "bind_policy soft" to
> the "/etc/ldap.conf" file and that has improved things dramatically.
> 
> However the errors are still being reported in the messages log file.
> The errors are valid as we do not have and LDAP server (on my list 
> for a future project). What I am trying to figure out is why it is
> looking for one. I have done some additional google searching but I
> have not found any definitive answers. From what I have seen I suspect
> that the problem lays with our /etc/nsswitch.conf file and that I 
> need to change references to "file ldap" to just "files".
> 
> I am loath to make such changes without something more definite then
> my personal suspicion. Can someone confirm that I am on the right track
> or, if not, point me in the right direction?
----
I have to use these in CentOS 5.x

tail -n 4 /etc/ldap.conf
timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap

I don't know about quotad, nscd (I haven't been using them)

You shouldn't need to add anything for smbd, statd at all

Craig

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux