LDAP and Red Hat, a story of hangs and timeouts

Had to post this as I recently encountered an annoyance again today with LDAP on Red Hat timing out if the LDAP servers can't be reached. Sometimes a Linux box hangs at boot on services like postfix, the system bus, the system logger, or anything with a special user/group that will be mistakenly authenticated against LDAP. Not a problem if the network is there, but if it isn't, it will time out.

Add this to /etc/ldap.conf:

nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus

You could also fine-tune with the following:

bind_timeout 2
nss_reconnect_tries 2
nss_reconnect_sleeptime 1
nss_reconnect_maxsleeptime 3
nss_reconnect_maxconntries 3
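
To check whether the nss_initgroups_ignoreusers list actually covers the service accounts on a host, the script below (an added example, not from the original post) compares local accounts whose UID is under a limit against the names on that line. The function names and the default limit of 500 are assumptions of this example.

```shell
#!/bin/sh
# Added example: find local system accounts that nss_initgroups_ignoreusers
# in ldap.conf does not cover, so their group lookup still goes to LDAP.

# Print every name listed on nss_initgroups_ignoreusers lines, one per line.
ignored_users() {
    awk '
        /^[ \t]*#/ { next }                              # comment line
        tolower($1) == "nss_initgroups_ignoreusers" {    # lenient: any case
            $1 = ""
            n = split($0, names, /[ \t,]+/)
            for (i = 1; i <= n; i++) if (names[i] != "") print names[i]
        }
    ' "$1"
}

# Usage: missing_ignoreusers PASSWD_FILE LDAP_CONF [UID_LIMIT]
# UID_LIMIT defaults to 500, an assumed system/regular account boundary.
missing_ignoreusers() {
    ignored=$(ignored_users "$2" | tr '\n' ',')
    awk -F: -v limit="${3:-500}" -v ignored="$ignored" '
        BEGIN { n = split(ignored, a, ","); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        /^[+#-]/ || NF < 3 { next }      # comments, NIS compat entries, junk
        $3 + 0 < limit && !($1 in skip) { print $1 }
    ' "$1" | LC_ALL=C sort | paste -sd, -
}

# Constructed sample files, not taken from a real host.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0::/root:/bin/bash' \
        'dbus:x:81:81::/:/sbin/nologin' \
        'postfix:x:89:89::/var/spool/postfix:/sbin/nologin' \
        'ntp:x:38:38::/etc/ntp:/sbin/nologin' \
        'alice:x:500:500::/home/alice:/bin/bash' > "$d/passwd"
    printf '%s\n' '# constructed ldap.conf' \
        'nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus' > "$d/ldap.conf"
    missing_ignoreusers "$d/passwd" "$d/ldap.conf"   # prints: ntp,postfix
    rm -rf "$d"
}

# With two or more arguments audit real files, otherwise run the demo.
if [ "$#" -ge 2 ]; then missing_ignoreusers "$@"; else demo; fi
```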

