[CentOS] nss_ldap failed to bind to LDAP server 127.0.0.1
Craig White
craig at tobyhouse.com
Tue Feb 19 23:31:24 UTC 2008
On Tue, 2008-02-19 at 14:09 -0800, Hugh E Cruickshank wrote:
> Hi All:
>
> Over the weekend I install all the outstanding updates for our
> CentOS 4 based server. Since I had been holding off on these until
> I had addressed some disk space issues there were a large number
> (300+). I know my bad! After installing the updates I rebooted the
> system and it took forever to boot and once up there were problems
> connecting to some of our SAMBA shares. I checked the messages log
> file and found a multitude of entries similar to:
>
> Feb 17 19:46:18 fisds0 named[23187]: nss_ldap: failed to bind to
> LDAP server 127.0.0.1: Can't contact LDAP server
> Feb 17 19:46:18 fisds0 named[23187]: nss_ldap: reconnecting to
> LDAP server...
>
> These were being reported for named, nscd, smbd, statd, rquotad, etc.
>
> I did some google searching and found some references to the change of
> the default value for the "bind_policy" parameter in the "ldap.conf"
> file from "soft" to "hard". I added and explicit "bind_policy soft" to
> the "/etc/ldap.conf" file and that has improved things dramatically.
>
> However the errors are still being reported in the messages log file.
> The errors are valid as we do not have and LDAP server (on my list
> for a future project). What I am trying to figure out is why it is
> looking for one. I have done some additional google searching but I
> have not found any definitive answers. From what I have seen I suspect
> that the problem lays with our /etc/nsswitch.conf file and that I
> need to change references to "file ldap" to just "files".
>
> I am loath to make such changes without something more definite then
> my personal suspicion. Can someone confirm that I am on the right track
> or, if not, point me in the right direction?
----
I have to use these in CentOS 5.x
tail -n 4 /etc/ldap.conf
timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap
I don't know about quotad, nscd (I haven't been using them)
You shouldn't need to add anything for smbd, statd at all
Craig
More information about the CentOS
mailing list