[CentOS] Services take a long time during initialzation (LDAP-authentication)

Thu Oct 2 15:17:58 UTC 2008
Craig White <craigwhite at azapple.com>

On Thu, 2008-10-02 at 17:08 +0200, Bernhard Gschaider wrote:
> Hi!
> 
> I've got a CentOS4.7-machine as a fileserver. The machine also serves
> as the LDAP-server against which all regular users are
> authenticated. The problem I am having is that the machine takes a
> very long time to boot. Most of the services start up rather quick,
> but three services take quite a long time (extending the boot time to
> over half an hour, which is .... long)
> 
> The three services are (in that order):
> 
>  - NFS statd
>  - LDAP
>  - NFS quota
> 
> As soon as the LDAP-Service (and sshd) has started I can remotly log
> into the machine: the rpc.quotad has started but takes no CPU-time (so
> I guess he must be waiting for something)
> 
> Some other observations I had:
>  - a restart of LDAP takes several minutes
>  - if the LDAP-service is down a "su ldap" (ldap IS in /etc/passwd)
>    seems to hang. The ldap-service-script does such a su to check the
>    configuration so I guess that is what takes the service so long)
> 
> Could anyone give me a hint what the problem could be and how to fix
> it? Is any more information required (don't want to spam you with the
> nsswitch.conf and the whole pam.d-stuff)?
----
add this to the bottom of /etc/ldap.conf

timelimit 30
bind_timelimit 30
bind_policy soft
nss_initgroups_ignoreusers root,ldap

Craig