Re: nss_ldap failed to bind to LDAP server 127.0.0.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



on 2/19/2008 2:09 PM Hugh E Cruickshank spake the following:
Hi All:

Over the weekend I install all the outstanding updates for our
CentOS 4 based server. Since I had been holding off on these until
I had addressed some disk space issues there were a large number
(300+). I know my bad! After installing the updates I rebooted the
system and it took forever to boot and once up there were problems
connecting to some of our SAMBA shares. I checked the messages log
file and found a multitude of entries similar to:

  Feb 17 19:46:18 fisds0 named[23187]: nss_ldap: failed to bind to
  LDAP server 127.0.0.1: Can't contact LDAP server
  Feb 17 19:46:18 fisds0 named[23187]: nss_ldap: reconnecting to
  LDAP server...

These were being reported for named, nscd, smbd, statd, rquotad, etc.

I did some google searching and found some references to the change of
the default value for the "bind_policy" parameter in the "ldap.conf"
file from "soft" to "hard". I added and explicit "bind_policy soft" to
the "/etc/ldap.conf" file and that has improved things dramatically.

However the errors are still being reported in the messages log file.
The errors are valid as we do not have and LDAP server (on my list for a future project). What I am trying to figure out is why it is
looking for one. I have done some additional google searching but I
have not found any definitive answers. From what I have seen I suspect
that the problem lays with our /etc/nsswitch.conf file and that I need to change references to "file ldap" to just "files".

I am loath to make such changes without something more definite then
my personal suspicion. Can someone confirm that I am on the right track
or, if not, point me in the right direction?

TIA

Regards, Hugh

As long as you have ldap entries in nsswitch.conf those services will attempt to look for ldap.

--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux