Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Jul 2006 00:15:46 +0900 (JST)
From:      "UEMURA (fka. MAENAKA) Tetsuya" <maenaka@pluto.dti.ne.jp>
To:        freebsd-stable@freebsd.org
Subject:   Re: slapd - slow starting
Message-ID:  <20060710151546.CC8714849@towerrecords.minidns.net>
In-Reply-To: <86fyh9tws4.fsf@srvbsdnanssv.interne.kisoft-services.com>
References:  <200607101600.56911.dzalewski@open-craft.com> <86fyh9tws4.fsf@srvbsdnanssv.interne.kisoft-services.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Posted on Mon, 10 Jul 2006 15:27:39 +0200
by author Eric Masson <e-masson@kisoft-services.com>
> Chicken & Egg problem, the system queries the ldap backend to get
> informations about the account it will use to start the ldap backend.
Indeed. So that by adding `bind_policy soft' to nss_ldap.conf to force
nss to quit querying immediately if LDAP server isn't ready.

Note that by default, LDAP server tries to resolv user:ldap and
group:ldap, and of course both must be resolvable without LDAP server
itself, add user:ldap and group:ldap to /etc files.

Anyway, my nss_ldap.conf has only the follwing 4 lines, FYI.
maenaka@~> grep -vE '^#|^$' < /usr/local/etc/nss_ldap.conf
base dc=ldapserver
uri ldapi://%2fvar%2frun%2fopenldap%2fldapi/
bind_timelimit 5
bind_policy soft

maenaka@~> ls -laR /var/run/openldap/
total 8
drwxrwxr-x  2 root  ldap    512 Jul  9 00:13 .
drwxr-xr-x  8 root  wheel  1024 Jul 11 00:14 ..
srwxrwxrwx  1 root  ldap      0 Jul  9 00:13 ldapi
-rw-r--r--  1 ldap  ldap     94 Jul  9 00:13 slapd.args
-rw-r--r--  1 ldap  ldap      6 Jul  9 00:13 slapd.pid

-- 
UEMURA (fka. MAENAKA) Tetsuya <maenaka@pluto.dti.ne.jp>




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060710151546.CC8714849>