name & id looks up are suddenly failing

[Ryan Golhar]

Just figured it out after searching for three days....figures I would 
get it right after sending out an email.

We are using LDAPS with a self-signed certificate.  The self-signed 
certificate expires 1-yr from the date we signed it....March 25, 2008.

I re-signed the certificate and all is okay.



Aaron Bliss wrote:
> If seen this happen when there are dns problems.  You may want to check out
> /etc/resolv.conf and ensure all is okay there.
> 
> Aaron
> 
> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
> On Behalf Of Ryan Golhar
> Sent: Monday, March 30, 2009 3:45 PM
> To: General Red Hat Linux discussion list
> Subject: name & id looks up are suddenly failing
> 
> I have an LDAP system running on a RHEL 5 box for quite some time now 
> without any problem.
> 
> Recently, anytime a user tries to log in they are unable to.  I managed 
> to log in as root and try to do any command that requires looking up a 
> username, and the system hangs.  Even doing an 'ls /home' hangs.
> 
> I've determined it has something to do with nss...if I remove ldap from 
> nsswitch.conf, the system responds, but user ids are not translated to 
> user names.
> 
> /var/log/messges doesn't show much, just:
> Mar 30 15:43:38 sapphire ls: nss_ldap: could not search LDAP server - 
> Server is unavailable
> Mar 30 15:43:38 sapphire ls: nss_ldap: reconnecting to LDAP server 
> (sleeping 4 seconds)...
> Mar 30 15:43:42 sapphire ls: nss_ldap: reconnecting to LDAP server 
> (sleeping 8 seconds)...
> Mar 30 15:43:44 sapphire ls: nss_ldap: reconnecting to LDAP server 
> (sleeping 16 seconds)...
> Mar 30 15:44:00 sapphire ls: nss_ldap: reconnecting to LDAP server 
> (sleeping 32 seconds)...
> 
> 
> I haven't changed anything on this system and have no idea why this 
> started.  Its a fully patched RHEL 5 box.  Any ideas where to start looking?
> 
> 
> 
>