[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: slapd stops authenticating

From: Bill Dossett <billd emtex com>
To: redhat-list redhat com
Subject: Re: slapd stops authenticating
Date: Thu May 1 11:55:54 2003

nate wrote:

Bill Dossett said:

Yes /etc/nsswitch.conf has ldap entries, I am authenticating
via ldap, so it should shouln't it?  authconfig put these in, I use
 authconfig to setup my authentication and change it from one
server to another...

I am not sure how these points are relevant.... any chance you
could elaborate?

for each login, the system has to look the username up to make sure
it exists, running nscd allows the system to cache the responses from
the back end(LDAP in this case) so it doesn't have to ask the LDAP
server every_single_time. greatly improves performance. though the
system still has to query the ldap server for the password with
PAM.

what else is running on the LDAP server? and what version of redhat
is the server running?


I've just switched over to the replica server and there is little
to nothing runnning on it... it's redhat 8, that's pretty much
all I'm running now...

other things to try:

give the output of: cat /proc/sys/fs/file-nr

another:

1) (stop the ldap server)
2) run ulimit -n 5000
3) (start the ldap server)

on my redhat 7.3 box the default is 1024 open files for the
shell, the above command increases that to 5000, though this
may only delay the same problem occuring again, need to know
what else is running on the system, something is chewing resources.

another thing to try:

/usr/sbin/lsof >&/tmp/openfiles

(you may need to install lsof first, its not usually installed
I think by default). this will show you all the open files on
the system and what is using them.

also how many slapd processes are running?


hmm, I only have one slapd process runnning?  At least
when I do

ps -auwx | grep slapd

I only get one...

But the lsof output shows 8 different pids, so I guess there are
8 of them running.

the lsof output is long, but for one pid this is it and it is the
same for the other PIDs pretty much....  Not sure but I think
this is typical.  It seems to me like something fairly drastic
is happening and then whatever it is stops happening and goes
back to normal...   that plus we lost power for about 4 hours
last night hasn't helped, not sure if the problem occurred again
last night or not with the power cut...  If you seen anything
unusual, or whatever, I'd appreciate the advice.

slapd 947 ldap cwd DIR 3,2 4096 212993 /tmp slapd 947 ldap rtd DIR 3,2 4096 2 / slapd 947 ldap txt REG 3,2 443512 393540 /usr/sbin/slapd slapd 947 ldap mem REG 3,2 87341 1818629 /lib/ld-2.2.93.so slapd 947 ldap mem REG 3,2 8763 1802270 /usr/lib/sasl/libanonymous.so.1.0.17 slapd 947 ldap mem REG 3,2 14564 1802274 /usr/lib/sasl/libcrammd5.so.1.0.19 slapd 947 ldap mem REG 3,2 35683 1802278 /usr/lib/sasl/libdigestmd5.so.0.0.20 slapd 947 ldap mem REG 3,2 17692 574058 /usr/kerberos/lib/libdes425.so.3.0 slapd 947 ldap mem REG 3,2 214925 360619 /usr/lib/libldap_r.so.2.0.17 slapd 947 ldap mem REG 3,2 48163 360615 /usr/lib/liblber.so.2.0.17 slapd 947 ldap mem REG 3,2 53842 360611 /usr/lib/libsasl.so.7.1.11 slapd 947 ldap mem REG 3,2 30040 360527 /usr/lib/libgdbm.so.2.0.0 slapd 947 ldap mem REG 3,2 37114 1818710 /lib/libpam.so.0.75 slapd 947 ldap mem REG 3,2 443315 573464 /usr/kerberos/lib/libkrb5.so.3.1 slapd 947 ldap mem REG 3,2 77864 573459 /usr/kerberos/lib/libk5crypto.so.3.0 slapd 947 ldap mem REG 3,2 8966 573580 /usr/kerberos/lib/libcom_err.so.3.0 slapd 947 ldap mem REG 3,2 225009 1818706 /lib/libssl.so.0.9.6b slapd 947 ldap mem REG 3,2 990234 1818705 /lib/libcrypto.so.0.9.6b slapd 947 ldap mem REG 3,2 22351 1818640 /lib/libcrypt-2.2.93.so slapd 947 ldap mem REG 3,2 90444 1818646 /lib/libnsl-2.2.93.so slapd 947 ldap mem REG 3,2 69434 1818674 /lib/libresolv-2.2.93.so slapd 947 ldap mem REG 3,2 28955 360705 /usr/lib/libltdl.so.3.1.0 slapd 947 ldap mem REG 3,2 11314 1818642 /lib/libdl-2.2.93.so slapd 947 ldap mem REG 3,2 85498 737290 /lib/i686/libpthread-0.10.so slapd 947 ldap mem REG 3,2 42657 1818662 /lib/libnss_files-2.2.93.so slapd 947 ldap mem REG 3,2 11214 1802310 /usr/lib/sasl/liblogin.so.0.0.7 slapd 947 ldap mem REG 3,2 10928 1802314 /usr/lib/sasl/libplain.so.1.0.16 slapd 947 ldap mem REG 3,2 50024 1818670 /lib/libnss_nisplus-2.2.93.so slapd 947 ldap mem REG 3,2 1682620 1818728 /lib/libnss_ldap-2.2.90.so slapd 947 ldap mem REG 3,2 15807 1818659 /lib/libnss_dns-2.2.93.so slapd 947 ldap mem REG 3,2 1395734 737286 /lib/i686/libc-2.2.93.so slapd 947 ldap 0u CHR 1,3 67070 /dev/null slapd 947 ldap 1u CHR 1,3 67070 /dev/null slapd 947 ldap 2u CHR 1,3 67070 /dev/null slapd 947 ldap 3u unix 0xd9513540 18739 socket slapd 947 ldap 4r FIFO 0,5 18740 pipe slapd 947 ldap 5w FIFO 0,5 18740 pipe slapd 947 ldap 6u IPv4 18741 TCP *:ldap (LISTEN) slapd 947 ldap 7u IPv4 18742 TCP *:ldaps (LISTEN) slapd 947 ldap 8r FIFO 0,5 18750 pipe slapd 947 ldap 9w FIFO 0,5 18750 pipe slapd 947 ldap 10u IPv4 18759 TCP chinaco.emtex.com:ldap->deploy.emtex.com:33388 (ESTABLISHED) slapd 947 ldap 11u IPv4 18762 TCP chinaco.emtex.com:ldap->deploy.emtex.com:33389 (ESTABLISHED) slapd 947 ldap 12u REG 3,2 69632 1328128 /var/lib/ldap/dn2id.gdbm slapd 947 ldap 13u REG 3,2 287751 1328131 /var/lib/ldap/id2entry.gdbm slapd 947 ldap 14u REG 3,2 12296 1328136 /var/lib/ldap/nextid.gdbm slapd 947 ldap 15u REG 3,2 18480 1328137 /var/lib/ldap/objectClass.gdbm slapd 947 ldap 16u REG 3,2 19476 1328135 /var/lib/ldap/memberUid.gdbm slapd 947 ldap 17u IPv4 18811 TCP chinaco.emtex.com:ldap->deploy.emtex.com:33391 (ESTABLISHED) slapd 947 ldap 18u REG 3,2 16636 1328141 /var/lib/ldap/uid.gdbm slapd 947 ldap 19u IPv4 18835 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35448 (ESTABLISHED) slapd 947 ldap 20u IPv4 18836 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35449 (ESTABLISHED) slapd 947 ldap 21u IPv4 18872 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35486 (ESTABLISHED) slapd 947 ldap 22u IPv4 19586 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35596 (ESTABLISHED) slapd 947 ldap 23u IPv4 18937 TCP chinaco.emtex.com:ldap->deploy.emtex.com:33393 (ESTABLISHED) slapd 947 ldap 24u IPv4 19563 TCP chinaco.emtex.com:ldap->deploy.emtex.com:33398 (ESTABLISHED) slapd 947 ldap 25u IPv4 18896 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35513 (ESTABLISHED) slapd 947 ldap 26u IPv4 18779 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35389 (ESTABLISHED) slapd 947 ldap 27u IPv4 19578 TCP chinaco.emtex.com:ldap->tarantula.emtex.com:35590 (ESTABLISHED) slapd 947 ldap 28u IPv4 19583 TCP chinaco.emtex.com:ldap->deploy.emtex.com:33401 (ESTABLISHED)

on my redhat 7.3 box

I have 36. I don't have many users authenticating via LDAP but
my mail server routes mail using ldap so the server is queried
constantly(I get about 5-6,000 messages/day).

nate

Follow-Ups:
- Re: slapd stops authenticating
  - From: nate

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]