[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: nscd/openldap issue

ons, 2002-11-20 kl. 15:34 skrev John Madden:

> We're running openldap 2.0.23 on a Solaris 8 box.  Our mail server,
> running Linux, uses nss_ldap to house accounts.  With 2600+ users, use of
> nscd is practically a necessity.  (Nothing like 1k procmail processes
> starting up during a mailing list delivery...)

> It works fairly well, with one exception: every now and then (seems
> random), nscd just stops responding.  No procs can even be spawned on the
> machine until it's threads are killed with a -9.  There's no explanation
> for why this happens, nothing in any logs, LDAP hasn't gone down, etc.

> I'd appreciate any tips - I've now had to write a cronjob that dumps LDAP
> into /etc/passwd every 30 mins to provide a "homegrown nscd replacement,"
> and that's just plain ugly.

I've only got the following tip. nscd 2.2.4 and its predecessor on my RH
7.2++++ linux box cause nothing but havoc with ldaps authentication on
my smtp server, Exim. The symptoms are exactly as you describe. ncd
(SGI's version of nscd) on Irix seems to do exactly the same. A couple
of entries in the Exim mailing list to Exim's daddy, Philip Hazel, say
"chuck it" (he works on Solaris, mostly and has recently been
experiencing gethostbyname problems).

Even though it may cost you much performance, give it a whirl without
nscd, (maybe 24 hours? Risk the users' wrath?) and see what happens.




Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl