<HTML>
<HEAD>
<TITLE>nscd: nss_ldap: could not search LDAP server - Server is unavailable</TITLE>
</HEAD>
<BODY>
<FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>All,<BR>
<BR>
<BR>
I have two 389-ds servers with MMR via TLS and client hosts authenticating via TLS. I see this error message in all client machines in /var/log/messages. It seems nscd is failing at random intervals. <B>Has anyone seen this before?<BR>
</B><BR>
Dec 29 10:35:35 dmc189 nscd: nss_ldap: could not search LDAP server - Server is unavailable<BR>
Dec 29 11:00:21 dmc189 nscd: nss_ldap: could not search LDAP server - Server is unavailable<BR>
Dec 29 11:12:15 dmc189 nscd: nss_ldap: could not search LDAP server - Server is unavailable<BR>
<BR>
Steps Taken:<BR>
</SPAN></FONT><OL><LI><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>start/stop/restart nscd.
</SPAN></FONT><LI><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>ldapsearch works fine
</SPAN></FONT><LI><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>Turned ON nscd.log (no useful info found)
</SPAN></FONT><LI><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>URI in ldap.conf and CN on server-cer is same.<BR>
</SPAN></FONT></OL><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'><BR>
Possible causes:<BR>
In /etc/ldap.conf<BR>
:<BR>
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman<BR>
.<BR>
<BR>
<B>Is this config correct?<BR>
</B><BR>
/etc/nscd.conf looks like this<BR>
logfile /var/log/nscd.log<BR>
# threads 6<BR>
# max-threads 128<BR>
server-user nscd<BR>
# stat-user nocpulse<BR>
debug-level 10<BR>
# reload-count 5<BR>
paranoia no<BR>
# restart-interval 3600<BR>
<BR>
enable-cache passwd yes<BR>
positive-time-to-live passwd 600<BR>
negative-time-to-live passwd 20<BR>
suggested-size passwd 211<BR>
check-files passwd yes<BR>
persistent passwd yes<BR>
shared passwd yes<BR>
max-db-size passwd 33554432<BR>
auto-propagate passwd yes<BR>
<BR>
enable-cache group yes<BR>
positive-time-to-live group 3600<BR>
negative-time-to-live group 60<BR>
suggested-size group 211<BR>
check-files group yes<BR>
persistent group yes<BR>
shared group yes<BR>
max-db-size group 33554432<BR>
auto-propagate group yes<BR>
<BR>
enable-cache hosts yes<BR>
positive-time-to-live hosts 3600<BR>
negative-time-to-live hosts 20<BR>
suggested-size hosts 211<BR>
check-files hosts yes<BR>
persistent hosts yes<BR>
shared hosts yes<BR>
max-db-size hosts 33554432<BR>
</SPAN></FONT>
</BODY>
</HTML>