search for: bind_timelimit

...ented out): host dir1.ourdomain.com base dc=.ourdomain,dc=com #uri ldaps://dir1.ourdomain.com uri ldap://dir1.ourdomain.com # basic auth config binddn cn=admin,dc=ourdomain,dc=com rootbinddn cn=admin,dc=ourdomain,dc=com # random stuff #timelimit 120 #bind_timelimit 120 #bind_policy hard # brought these times down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_...

...ented out): host dir1.ourdomain.com base dc=.ourdomain,dc=com #uri ldaps://dir1.ourdomain.com uri ldap://dir1.ourdomain.com # basic auth config binddn cn=admin,dc=ourdomain,dc=com rootbinddn cn=admin,dc=ourdomain,dc=com # random stuff #timelimit 120 #bind_timelimit 120 #bind_policy hard # brought these times down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_...

...erver on my network. The backup uses syncrepl to grab the database, and to my eyes both LDAP servers answer read queries identically. I'm testing the client side of this configuration on virtual CentOS 5 i386 machine. /etc/ldap.conf reads ----- %< ----- base dc=DOMAIN,dc=com timelimit 30 bind_timelimit 30 idle_timelimit 300 nss_initgroups_ignoreusers root,ldap,named,[... trimmed ...] uri ldap://ldap1.DOMAIN.com ldap://ldap2.DOMAIN.com ssl start_tls tls_cacertdir /etc/openldap/cacerts pam_password md5 ----- %< ----- The client will bind to whichever server is listed first after the 'uri...

.../openldap/cacerts]#cat /etc/ldap.conf # Your LDAP server. Must be resolvable without using LDAP. # Multiple hosts may be specified, each separated by a # space. How long nss_ldap takes to failover depends on # whether your LDAP client library supports configurable # network or connect timeouts (see bind_timelimit). #host 127.0.0.1 # The distinguished name of the search base. base dc=summitnjhome,dc=com # stored in /etc/ldap.secret (mode 600) #rootbinddn cn=manager,dc=example,dc=com # The port. # Optional: default is 389. #port 389 # Search timelimit #timelimit 30 timelimit 120 # Bind/connect timelimit #bind...

...ely, "fix nss_ldap" is about the only suggestion I could find on this problem on Google. Any other suggestions? Thanks! I'm running samba 3.0.33 on RHEL 5. /etc/ldap.conf (nss_ldap.conf on other distros): uri ldap://ldap.nebrwesleyan.edu base o=NebrWesleyan.edu,o=isp timelimit 30 bind_timelimit 30 bind_policy soft nss_initgroups_ignoreusers root,ldap ssl start_tls tls_checkpeer no The [global] section of smb.conf: [global] server string = Huxley workgroup = NWU_HUXLEY netbios name = Huxley log level = 1 log file = /var/log/samba/%U.%m.log max log size = 102400 add machine script = /us...

...rks: files protocols: db files services: db files ethers: db files rpc: db files publickey: nisplus netgroup: files libnss_ldap.conf host xx.xx.xx.xx base dc=xxx,dc=xxxxx,dc=xxx binddn cn=Administrator,dc=xxx,dc=xxxxx,dc=xxx bindpw xxxxxxx timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop nss_base_passwd dc=xxx,dc=xxxxx,dc=xxx nss_base_shadow dc=xxx,dc=xxxxx,dc=xxx nss_base_group dc=xxx,dc=xxxxx,dc=xxx ssl off Thank you, Wasil.

...nis # end /etc/nsswitch.conf ## file: /etc/libnss-ldap.conf ## ripped from: http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-nss01 host 127.0.0.1 #base dc=abmas,dc=biz base dc=sysgenmedia,dc=com ldap_version 3 binddn cn=manager,dc=sysgenmedia,dc=com bindpw MyPassWord timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop #nss_base_passwd ou=People,dc=abmas,dc=biz?one #nss_base_shadow ou=People,dc=abmas,dc=biz?one #nss_base_group ou=Groups,dc=abmas,dc=biz?one nss_base_passwd ou=People,dc=sysgenmedia,dc=com?one nss_base_shadow ou=People,dc=sysgenmedia,dc=com?...

...sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri ldap://idir1.internal.domain.com/ ldap://idir2.internal.domain.com/ ldap_version 3 sudoers_base ou=SUDOers,dc=domain,dc=com binddn (anonymous) bindpw (anonymous) bind_timelimit 120000 timelimit 120 ssl start_tls tls_cacertdir /etc/openldap/cacerts =================== sudo: ldap_initialize(ld, ldap://idir1.internal.domain.com/ ldap://idir2.internal.domain.com/) sudo: ldap_set_option: debug -> 0 sudo: ldap_set_option: ldap_version -> 3 sudo: l...

...userScript="logon.bat" mailDomain="example.org" with_smbpasswd="0" with_slappasswd="0" /etc/ldap.conf ********************** host server.example.org base dc=example,dc=org binddn cn=config bindpw 1w2345FJ rootbinddn cn=zimbra,dc=example,dc=org timelimit 120 bind_timelimit 120 bind_policy soft idle_timelimit 3600 nss_base_passwd ou=people,dc=example,dc=org?one nss_base_shadow ou=people,dc=example,dc=org?one nss_base_group ou=groups,dc=example,dc=org?one nss_base_hosts ou=machines,dc=example,dc=org?one nss_initgroups_ignoreusers ro...

Hello I'm searching infos on using Dovecot with pam_ldap and FreeBSD 6.2 any pointers welcome :-) Thanks -- Frank

...uot;, perhaps these are related. Every time I restart openldap i get an error message from nscd: --- May 15 14:53:02 mail nscd: nss_ldap: could not search LDAP server - Server is unavailable --- This is due to a timeout, correct? Here is part of my /etc/ldap.conf --- timelimit 120 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap --- Is there a way to solve this? Thanks, Manuel Monteiro -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/2...

Hi all, I have a few ldap servers slaved to a primary via syncrepl, all is well. I've set my clients to auth against a few and there /etc/ldap.conf looks like so; uri ldap://primary.domain.com ldap://secondary.domain.com However when either primary or slaves go down, while the clients can log in, access is very slow, ls of any dir is painful. The /var/log/messages shows several failed

Hi ! We are planing on deploying an ldap master and replica to serve as our new authentication server for our soon to be RedHat cluster. But, we need to be able to function if the master is down for whatever reason. So, I tried to specify 2 servers in the setup-authentification servername section, separated by a comma, but it doesn't seem to work. So, is it possible to specifying 2 ldap

Im running CentOS 5 with samba configured as PDC, with samba 3.0.24 and openldap-servers-2.3.30-2. My /etc/nsswitch.conf is like this: passwd: files ldap shadow: files ldap group: files ldap The problem is when I try to restart LDAP (/etc/init.d/ldap restart) then the init script just hangs. I suppose it will try to run slapd as the ldap user The ldap user is not in LDAP only in

...- Here's the ldap.conf file : base dc=tata,dc=toto,dc=fr binddn cn=XXXXX,dc=tata,dc=toto,dc=fr bindpw XXXXXX scope sub pam_filter objectclass=supannPerson # We don't use the uid attribute to authenticate the users nss_map_attribute uid iufmLogin # Default options port 389 timelimit 120 bind_timelimit 120 idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd uri ldap://127.0.0.1/ ssl no tls_cacertdir /etc/openldap/cacerts pam_password md5 - Here the nsswitch.conf file : [...] passwd: files ldap shadow: files ldap gr...

Hi! I've got a CentOS4.7-machine as a fileserver. The machine also serves as the LDAP-server against which all regular users are authenticated. The problem I am having is that the machine takes a very long time to boot. Most of the services start up rather quick, but three services take quite a long time (extending the boot time to over half an hour, which is .... long) The three services

...ain, the server was working perfectly fine for years before the power outage. I'm really thinking that some file got corrupted and I just need to clean it out. Maybe a cache file somewhere? Following is ldap.conf file. Any suggestions? <ldap.conf> base dc=inside,dc=msi timelimit 120 bind_timelimit 120 idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman rootbinddn cn=Manager,dc=inside,dc=msi nss_base_passwd ou=People,dc=inside,dc=msi nss_base_shadow ou=People,dc=inside,dc=msi nss_base_group ou=Group,dc=inside,dc=msi uri ldap:/...

...ADL Software # http://www.padl.com # # Your LDAP server. Must be resolvable without using LDAP. # Multiple hosts may be specified, each separated by a # space. How long nss_ldap takes to failover depends on # whether your LDAP client library supports configurable # network or connect timeouts (see bind_timelimit). #host # The distinguished name of the search base. base dc=riderman,dc=com # Another way to specify your LDAP server is to provide an # uri with the server name. This allows to use # Unix Domain Sockets to connect to a local LDAP Server. #uri ldap://127.0.0.1/ #uri ldaps://127.0.0.1/ #uri ldapi...

...h error NT_STATUS_NO_SUCH_USER [2007/04/20 09:36:46, 2] smbd/server.c:exit_server(614) Closing connections We have tried using smaller and greater values of ldap timeout in smb.conf but it does not help. ( from 5 to 600) We have tried using smaller and greater values in the /etc/ldap.conf for bind_timelimit and timelimit (30 by default, from 5 to 300), but it does not help. Here is our smb.conf related to ldap : passdb backend = ldapsam:"ldap://itdsd1l1.altissemiconductor.com ldap://itdsd2l2.altissemiconductor.com" ldap passwd sync = Yes ldap admin dn = cn=samba,...

...t get access. I'm hoping this means I don't have to mess with Pam, is that correct? Here's the config files... #my /etc/ldap.conf file host pdcserver.meds.cwru.edu base dc=som,dc=com binddn cn=Manager,dc=som,dc=com bindpw <password removed> rootbinddn cn=Manager,dc=som,dc=com bind_timelimit 30 idle_timelimit 3600 pam_password exop nss_base_passwd ou=People,dc=som,dc=com?one nss_base_shadow ou=People,dc=som,dc=com?one nss_base_group ou=Group,dc=som,dc=com?one nss_initgroups_ignoreusers root,ldap ssl off tls_cacertfile /etc/pki/tls/certs/hypothalamus.cer =====...