Results 1 to 2 of 2

Thread: nslcd problems

  1. #1
    Join Date
    Nov 2010
    Beans
    5

    nslcd problems

    Hi,

    we run a kubuntu lucid system as a LTSP terminal server with 7 thin clients. The ltsp-server is in subnet 172.16.16.0/20.

    The user authentication is organized via ldap. The ldap-server is in another subnet (172.16.32.0/20).

    I have now trouble with authentication. After several hours a

    id $USER

    leads to no result. After restarting the nslcd-daemon on the ltsp-server authentication works immediately as expected.

    Any hints?

    Thank you in advance, Markus

  2. #2
    Join Date
    Mar 2008
    Beans
    9

    Re: nslcd problems

    (This post is clearly too late - 8 months later. Hopefully it will help the next person.)

    The issue is caused by a bug in the nslcd package. The version that ships with 10.04 is 0.7.2 and a fix is not known to be in place until version 0.7.13 or later.

    If you are running into this problem, there are a few possible fixes:

    1. Manually install nslcd 0.7.13 or later (Earlier versions may have fixed it, but this one is KNOWN to not have the issue). This is the best solution.

    2. Add a cronjob to regularly restart nslcd at some reasonable interval (say, 5 minutes). This is definitely a hack, but will work reliably.

    3. Add an idle_timeout to your /etc/nslcd.conf of something really small (for me it was 1 second). If you also tune down bind_timelimit and timelimit to something small, this should square the issue away. (WARNING - this solution did not work in all cases it was tested in, and is only slightly less of a hack than #2)


    Here is the most complete thread I found on it so far:

    http://lists.arthurdejong.org/nss-pa.../msg00082.html
    Last edited by terencekent; June 3rd, 2011 at 07:02 AM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •