search for: idle_timelimit

...k. The backup uses syncrepl to grab the database, and to my eyes both LDAP servers answer read queries identically. I'm testing the client side of this configuration on virtual CentOS 5 i386 machine. /etc/ldap.conf reads ----- %< ----- base dc=DOMAIN,dc=com timelimit 30 bind_timelimit 30 idle_timelimit 300 nss_initgroups_ignoreusers root,ldap,named,[... trimmed ...] uri ldap://ldap1.DOMAIN.com ldap://ldap2.DOMAIN.com ssl start_tls tls_cacertdir /etc/openldap/cacerts pam_password md5 ----- %< ----- The client will bind to whichever server is listed first after the 'uri' directive. In...

...files services: db files ethers: db files rpc: db files publickey: nisplus netgroup: files libnss_ldap.conf host xx.xx.xx.xx base dc=xxx,dc=xxxxx,dc=xxx binddn cn=Administrator,dc=xxx,dc=xxxxx,dc=xxx bindpw xxxxxxx timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop nss_base_passwd dc=xxx,dc=xxxxx,dc=xxx nss_base_shadow dc=xxx,dc=xxxxx,dc=xxx nss_base_group dc=xxx,dc=xxxxx,dc=xxx ssl off Thank you, Wasil.

...ile: /etc/libnss-ldap.conf ## ripped from: http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#sbehap-nss01 host 127.0.0.1 #base dc=abmas,dc=biz base dc=sysgenmedia,dc=com ldap_version 3 binddn cn=manager,dc=sysgenmedia,dc=com bindpw MyPassWord timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop #nss_base_passwd ou=People,dc=abmas,dc=biz?one #nss_base_shadow ou=People,dc=abmas,dc=biz?one #nss_base_group ou=Groups,dc=abmas,dc=biz?one nss_base_passwd ou=People,dc=sysgenmedia,dc=com?one nss_base_shadow ou=People,dc=sysgenmedia,dc=com?one nss_base_group ou=Groups,dc=sy...

...auth config binddn cn=admin,dc=ourdomain,dc=com rootbinddn cn=admin,dc=ourdomain,dc=com # random stuff #timelimit 120 #bind_timelimit 120 #bind_policy hard # brought these times down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one...

...t. # Optional: default is 389. #port 389 # Search timelimit #timelimit 30 timelimit 120 # Bind/connect timelimit #bind_timelimit 30 bind_timelimit 120 # Idle timelimit; client will close connections # (nss_ldap only) if the server has not been contacted # for the number of seconds specified below. #idle_timelimit 3600 idle_timelimit 3600 # Netscape SDK LDAPS #ssl on # Netscape SDK SSL options #sslpath /etc/ssl/certs # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 #ssl start_tls #ssl on # OpenLDAP SSL options # Require and verify server certificate (yes/no) # Def...

...auth config binddn cn=admin,dc=ourdomain,dc=com rootbinddn cn=admin,dc=ourdomain,dc=com # random stuff #timelimit 120 #bind_timelimit 120 #bind_policy hard # brought these times down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one...

...lly via nslcd (using bindpw) using the getent command. I can ssh into a FreeBSD box with my AD user credentials! The nslcd mappings are as follows: # Alternative mappings for Active Directory # (replace the SIDs in the objectSid mappings with the value for your domain) pagesize 1000 referrals off #idle_timelimit 800 filter passwd (&(objectClass=user)(objectClass=person)(!(objectClass=computer))) #map passwd uid cn map passwd uid sAMAccountName map passwd uidNumber objectSid:S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX map passwd gidNumber objectSid:S-1-5-21-XXXXXX...

...lDomain="example.org" with_smbpasswd="0" with_slappasswd="0" /etc/ldap.conf ********************** host server.example.org base dc=example,dc=org binddn cn=config bindpw 1w2345FJ rootbinddn cn=zimbra,dc=example,dc=org timelimit 120 bind_timelimit 120 bind_policy soft idle_timelimit 3600 nss_base_passwd ou=people,dc=example,dc=org?one nss_base_shadow ou=people,dc=example,dc=org?one nss_base_group ou=groups,dc=example,dc=org?one nss_base_hosts ou=machines,dc=example,dc=org?one nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,r...

I'm about ready to smash my head through a wall...I could use a few answers. 1. When using security = ads, and completing net ads join, it was my understanding that samba authenticated username/pword against ads, and local posix accounts were nolonger needed, is this true? 2. If yes, I have not been able to get it to work. If I have a posix user account with the same name as one in

Hello I'm searching infos on using Dovecot with pam_ldap and FreeBSD 6.2 any pointers welcome :-) Thanks -- Frank

...Every time I restart openldap i get an error message from nscd: --- May 15 14:53:02 mail nscd: nss_ldap: could not search LDAP server - Server is unavailable --- This is due to a timeout, correct? Here is part of my /etc/ldap.conf --- timelimit 120 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap --- Is there a way to solve this? Thanks, Manuel Monteiro -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20090515/e7149c84/attachment-0004.html...

Hi all, I have a few ldap servers slaved to a primary via syncrepl, all is well. I've set my clients to auth against a few and there /etc/ldap.conf looks like so; uri ldap://primary.domain.com ldap://secondary.domain.com However when either primary or slaves go down, while the clients can log in, access is very slow, ls of any dir is painful. The /var/log/messages shows several failed

Hi ! We are planing on deploying an ldap master and replica to serve as our new authentication server for our soon to be RedHat cluster. But, we need to be able to function if the master is down for whatever reason. So, I tried to specify 2 servers in the setup-authentification servername section, separated by a comma, but it doesn't seem to work. So, is it possible to specifying 2 ldap

...ap.conf file : base dc=tata,dc=toto,dc=fr binddn cn=XXXXX,dc=tata,dc=toto,dc=fr bindpw XXXXXX scope sub pam_filter objectclass=supannPerson # We don't use the uid attribute to authenticate the users nss_map_attribute uid iufmLogin # Default options port 389 timelimit 120 bind_timelimit 120 idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd uri ldap://127.0.0.1/ ssl no tls_cacertdir /etc/openldap/cacerts pam_password md5 - Here the nsswitch.conf file : [...] passwd: files ldap shadow: files ldap group: files lda...

...working perfectly fine for years before the power outage. I'm really thinking that some file got corrupted and I just need to clean it out. Maybe a cache file somewhere? Following is ldap.conf file. Any suggestions? <ldap.conf> base dc=inside,dc=msi timelimit 120 bind_timelimit 120 idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman rootbinddn cn=Manager,dc=inside,dc=msi nss_base_passwd ou=People,dc=inside,dc=msi nss_base_shadow ou=People,dc=inside,dc=msi nss_base_group ou=Group,dc=inside,dc=msi uri ldap://127.0.0.1 ldap://m...

...39;m hoping this means I don't have to mess with Pam, is that correct? Here's the config files... #my /etc/ldap.conf file host pdcserver.meds.cwru.edu base dc=som,dc=com binddn cn=Manager,dc=som,dc=com bindpw <password removed> rootbinddn cn=Manager,dc=som,dc=com bind_timelimit 30 idle_timelimit 3600 pam_password exop nss_base_passwd ou=People,dc=som,dc=com?one nss_base_shadow ou=People,dc=som,dc=com?one nss_base_group ou=Group,dc=som,dc=com?one nss_initgroups_ignoreusers root,ldap ssl off tls_cacertfile /etc/pki/tls/certs/hypothalamus.cer ===== #my nsswitch.conf...

Does anyone know if there is a fix for nscd segfaulting after a short period of time. Googling for it came up with one result that suggested deleting the files in /var/db/nscd , but that didn't help. Another result was about run away processes which is not the problem I'm having. They are x86_64 boxes. output from /var/log/messages Oct 9 12:56:38 lyra kernel: nscd[11660]: segfault at

...a resolution. It's been discussed elsewhere, but unfortunately nothing actually solves it. Here's my /etc/ldap.conf file: ################# ldap_version 3 base ou=people,o=xxx uri ldaps://server1.domain.be/ ldaps://server2.domain.be/ bind_policy soft scope sub timelimit 3 bind_timelimit 5 idle_timelimit 120 referrals no ssl start_tls ssl on tls_checkpeer yes tls_cacertdir /etc/openldap/cacerts ################# And the relevant nsswitch: ################# passwd: files ldap shadow: files ldap group: files ldap ################# So that's pretty straight forward. My LDAP systems are running f...

...am_password clear base dc=betfair nss_base_passwd ou=people,dc=mycompany?sub nss_base_group ou=Groups,dc=mycompany?sub nss_base_group ou=PrivateGroups,dc=mycompany?sub nss_base_group ou=SystemGroups,dc=mycompany?sub sizelimit 1000 idle_timelimit 5 timelimit 10 bind_timelimit 5 nss_reconnect_tries 1 nss_reconnect_maxconntries 1 nss_reconnect_sleeptime 1 nss_reconnect_maxsleeptime 1 nss_reconnect_maxconntries 1 I have also played around with various d...

Hello all, I'm new to OpenLDAP and a moderate Samba admin. My nights became not so good while trying to get running OpenLDAP + Samba as PDC on a Slackware 12.1 server... Well, the scenario is: I have a functional and already running OpenLDAP base that provides login for users on Web apps. My actual PDC is an old MS NT4 Server. I'm using the default Samba (v. 3.0.28a) installed by