Luiz Alfredo Baggiotto
2005-Apr-27 13:51 UTC
[Samba] Question about "nss_ldap: could not get LDAP result - Can't contact LDAP server" error
Hello We have a OpenLDAP-2.2.23 + Samba 3.0.14a and the system is logging a lot (one to each minute, more or less) of errors like this: server smbd[10799]: [ID 510469 daemon.error] nss_ldap: could not get LDAP result - Can't contact LDAP server Well, I would like to ask to samba specialists if is possible that the problem is this slapd.conf option: idletimeout 30 I?m using it because I was compiled LDAP with wrapper option and wrapper doens?t support more than 256 simultaneous connections. Then, I?m thinking if smbd process is trying to restablish a closed connection and because that generating the error. Is it possible? Thank you very much.
tom burkart
2005-Apr-28 00:26 UTC
[Samba] Question about "nss_ldap: could not get LDAP result - Can't contact LDAP server" error
On Apr 27, Luiz Alfredo Baggiotto wrote:> We have a OpenLDAP-2.2.23 + Samba 3.0.14a and the system is logging a lot (one to each minute, more or less) of errors like this: > server smbd[10799]: [ID 510469 daemon.error] nss_ldap: could not get LDAP result - Can't contact LDAP serverAre you using "start tls"? If yes, are you using self-signed certificates?> I?m using it because I was compiled LDAP with wrapper option and wrapper doens?t support more than 256 simultaneous connections. Then, I?m thinking if smbd process is trying to restablish a closed connection and because that generating the error. Is it possible?Possible. But look at it from this angle: Is there a need for you to restrict this? - As in how many active ldap clients will there be at any one time? Of course there is the other issue of just turning it off to test/verify the system and then seeing whether it is necessary and then turning it back on. tom. Consultant AUSSEC Phone: 61 4 1768 2202 339 Blaxland Rd., Ryde NSW 2112 Email: tom@aussec.com