[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: OpenLDAP does not seem to start
- To: alexs@ulgsm.ru
- Subject: Re: OpenLDAP does not seem to start
- From: Edward Capriolo <edlinuxguru@gmail.com>
- Date: Fri, 22 Jan 2010 12:07:40 -0500
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=bkkPWns0EwZnJD4/3Wr6gn/3syDGcRFclYguEsU6Kus=; b=UFx3Eb1Ezewb4wNYEU6kLWXG1EA2AH6TSMaJy6MdxqSkdyokmFLpD3wn//2uS/SVKe D544T1/LB9l/rkuMiZYMHuEZcO6PtqrTjA/Romb9NX1zyxf3TN2aXcl6Y8istgemXvUX /VG0zzgmln13YEbh/1Olkku7x7XLIVxkHGaqQ=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=PVl8j0OikF9cHXFUfkkxVAj/2KY6gvtyxfVmU4Vv6p1iw05EnQRYE1okYuEk2HPAUj ZqIzFVH5OU8M5q6tlA5lZEN1gbH9947RWq+qfX52CkBawr2uNo+3kWZojoleVxEkJpwi MvyIOPyU6dfoyMjqpWfGu0cJjUJOj87hGUba4=
- In-reply-to: <20100121060103.GA36453@mail.ulgsm.ru>
- References: <2124.204.184.27.217.1264009812.squirrel@mail.bloomfield.k12.mo.us> <20100121060103.GA36453@mail.ulgsm.ru>
On Thu, Jan 21, 2010 at 1:01 AM, <alexs@ulgsm.ru> wrote:
> * sgmayo@mail.bloomfield.k12.mo.us <sgmayo@mail.bloomfield.k12.mo.us> [2010-01-20 11:50:12 -0600]:
>
>> Everything has been running fine for months. We had a power outage this
>> morning and I restarted my servers and things still seemed to be fine. A
>> bit later network drives could not be reached and so on. I tried
>> restarting LDAP and Samba, but it seems after the LDAP daemon was stopped,
>> it could not restart. I decided to reboot the server just in case and now
>> the server just hangs while starting services. This is a Fedora 10, so I
>> booted with the CD to recovery mode so I could see logs. Here is what my
>> message log looks like.
>>
>> Jan 20 11:27:56 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://127.0.0.1 Can't contact LDAP server
>> Jan 20 11:27:56 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://10.0.0.100 Can't contact LDAP server
>> Jan 20 11:27:56 school1 rpc.statd[1522] nss_ldap: reconnecting to LDAP
>> server (sleeping 64 seconds)...
>> Jan 20 11:29:00 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://127.0.0.1 Can't contact LDAP server
>> Jan 20 11:29:00 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://10.0.0.100 Can't contact LDAP server
>> Jan 20 11:29:00 school1 rpc.statd[1522] nss_ldap: could not search LDAP
>> server - Server is unavailable
>> Jan 20 11:29:00 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://127.0.0.1 Can't contact LDAP server
>> Jan 20 11:29:00 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://10.0.0.100 Can't contact LDAP server
>> Jan 20 11:29:00 school1 rpc.statd[1522] nss_ldap: reconnecting to LDAP
>> server (sleeping 4 seconds)...
>> Jan 20 11:29:04 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://127.0.0.1 Can't contact LDAP server
>> Jan 20 11:29:04 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://10.0.0.100 Can't contact LDAP server
>> Jan 20 11:29:04 school1 rpc.statd[1522] nss_ldap: reconnecting to LDAP
>> server (sleeping 8 seconds)...
>> Jan 20 11:29:12 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://127.0.0.1 Can't contact LDAP server
>> Jan 20 11:29:12 school1 rpc.statd[1522] nss_ldap: failed to bind to LDAP
>> server ldap://10.0.0.100 Can't contact LDAP server
>> Jan 20 11:29:12 school1 rpc.statd[1522] nss_ldap: reconnecting to LDAP
>> server (sleeping 16 seconds)...
>
> It is old nss trouble.
> spald is starting from ldap user, but user cant be resolved while slapd not
> running. And slapd cant be rinning while user not resolved.
>
>
> In yours nss_ldap.conf put this
> bind_policy soft
>
> usualy helps.
>
>>
>> The 10.0.0.100 and 127.0.0.1 are the same server and is the one that LDAP
>> is sitting on so it is not trying to contact another server with the
>> 10.0.0.100.
>>
>> Is my db corrupted possibly after the electric outage? If so, is there a
>> fix to run on it or will I just have to have a backup of it?
>>
>> Thanks for any info.
>>
>>
>> --
>> Scott Mayo - System Administrator
>> Bloomfield Schools
>> PH: 573-568-5669 FA: 573-568-4565
>>
>> Question: Because it reverses the logical flow of conversation.
>> Answer: Why is putting a reply at the top of the message frowned upon?
>
> --
> alexs
>
Many documents I have read suggest that your ldap server should not
use ldap authentication from itself. I agree with this. Not all OS's
implement LDAP authentication exactly the same. Also not all operating
systems start resources in the same order.
In this case setting 'bind_policy soft ' will probably help you get
through a startup. Behind the scenes processes start are starting up,
are looking up UID's and GID's your name server switch.
In any case always try a reboot and make sure your system can startup
whatever. Sometimes these things 'seem' to be working until a reboot.