Linux #10 : LDAP Server is down and then we can’t access all servers is using ldap authentication.

Now using NSS_LDAP for LDAP Client. /etc/ldap.conf is being controlled NSS_LDAP.
NSS_LDAP has reconnect policy, default policy is hard_open(alias hard).

It means ..

# Reconnect policy:
# hard_open: reconnect to DSA with exponential backoff if
# opening connection failed
# hard_init: reconnect to DSA with exponential backoff if
# initializing connection failed
# hard: alias for hard_open
# soft: return immediately on server failure
#bind_policy hard

hard_open mode is reconnecting the ldap server is down or problem, again and again.
because the result that this situation looks same hang up the server, we can’t access it and takes a long time to access it.
account by ldap and root account, too.

soft mode is return immediately on server failure.
If LDAP server is down, return message immediately. “Permission denied, please try again.”
and we can access for root account immediately when LDAP is down.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.