[CentOS] Issues with Ldap client on Centos 5

Hi Friends,

We are running some of the Centos 5 32 bit, 5.2 64-bit systems. These
systems are ldap clients and the ldap server is Windows 2003 Server.
Sometimes 1 or 2 services on these servers sucks 100% cpu and the load
becomes high on the server.

Below is an example where one the httpd process was eating 100% cpu
and we took dump of this process

gcore  17711

Core was generated by `/usr/sbin/httpd'.

#0  0x00002ad1849cd997 in ldap_chase_v3referrals () from
/usr/lib64/libldap-2.3.so.0

(gdb) bt full

#0  0x00002ad1849cd997 in ldap_chase_v3referrals () from
/usr/lib64/libldap-2.3.so.0

No symbol table info available.

#1  0x00002ad1849bc4dd in ldap_msgdelete () from /usr/lib64/libldap-2.3.so.0

No symbol table info available.

#2  0x00002ad1849bceb0 in ldap_result () from /usr/lib64/libldap-2.3.so.0

No symbol table info available.


/etc/ldap.conf file



host dc.example.com
base ou=users,dc=example,dc=com
binddn cn=ldap,ou=extra accounts,dc=example,dc=com
bindpw QrQcepFKHR6wGNXu4
scope sub
ssl no
nss_base_passwd dc=example,dc=com?sub
nss_base_shadow dc=example,dc=com?sub
nss_base_group dc=example,dc=com?sub
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute uidNumber UidNumber
nss_map_attribute gidNumber GidNumber
nss_map_attribute loginShell LoginShell
nss_map_attribute gecos name
nss_map_attribute userPassword unixUserPassword
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_objectclass posixGroup Group
nss_map_attribute uniqueMember msSFU30PosixMember
nss_map_attribute cn cn
pam_login_attribute sAMAccountName
pam_filter objectclass=user
pam_password md5
timelimit 0
sizelimit 0
tls_cacertdir /etc/openldap/cacerts

There are 2 bugs listed on the redhat site but no solution for this
problem has been provided.


https://bugzilla.redhat.com/show_bug.cgi?id=222667

https://bugzilla.redhat.com/show_bug.cgi?id=474181



Thanks & Regards

Ankush