[389-users] nscd: nss_ldap: could not search LDAP server - Server is unavailable

Prashanth Sundaram psundaram at wgen.net
Tue Dec 29 19:02:33 UTC 2009 

All,


I have two 389-ds servers with MMR via TLS and client hosts authenticating
via TLS. I see this error message in all client machines in
/var/log/messages. It seems nscd is failing at random intervals. Has anyone
seen this before?

Dec 29 10:35:35 dmc189 nscd: nss_ldap: could not search LDAP server - Server
is unavailable
Dec 29 11:00:21 dmc189 nscd: nss_ldap: could not search LDAP server - Server
is unavailable
Dec 29 11:12:15 dmc189 nscd: nss_ldap: could not search LDAP server - Server
is unavailable

Steps Taken:
1. start/stop/restart nscd.
2. ldapsearch works fine
3. Turned ON nscd.log (no useful info found)
4. URI in ldap.conf and CN on server-cer is same.

Possible causes:
In /etc/ldap.conf
:
nss_initgroups_ignoreusers
root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
.

Is this config correct?

/etc/nscd.conf looks like this
      logfile                 /var/log/nscd.log
#       threads                 6
#       max-threads             128
        server-user             nscd
#       stat-user               nocpulse
        debug-level             10
#       reload-count            5
        paranoia                no
#       restart-interval        3600

        enable-cache            passwd          yes
        positive-time-to-live   passwd          600
        negative-time-to-live   passwd          20
        suggested-size          passwd          211
        check-files             passwd          yes
        persistent              passwd          yes
        shared                  passwd          yes
        max-db-size             passwd          33554432
        auto-propagate          passwd          yes

        enable-cache            group           yes
        positive-time-to-live   group           3600
        negative-time-to-live   group           60
        suggested-size          group           211
        check-files             group           yes
        persistent              group           yes
        shared                  group           yes
        max-db-size             group           33554432
        auto-propagate          group           yes

        enable-cache            hosts           yes
        positive-time-to-live   hosts           3600
        negative-time-to-live   hosts           20
        suggested-size          hosts           211
        check-files             hosts           yes
        persistent              hosts           yes
        shared                  hosts           yes
        max-db-size             hosts           33554432

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20091229/30769361/attachment.htm>

More information about the Fedora-directory-users mailing list