From owner-freebsd-stable@FreeBSD.ORG Mon Mar 6 07:41:11 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 112A416A420 for ; Mon, 6 Mar 2006 07:41:11 +0000 (GMT) (envelope-from dkirhlarov@localhost.oilspace.com) Received: from office.oilspace.com (office.oilspace.com [194.129.65.230]) by mx1.FreeBSD.org (Postfix) with ESMTP id 89DCD43D45 for ; Mon, 6 Mar 2006 07:41:10 +0000 (GMT) (envelope-from dkirhlarov@localhost.oilspace.com) Received: from dimma.mow.oilspace.com (hq.oilspace.com [81.19.78.185]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by office.oilspace.com (Postfix) with ESMTP id 502C0137694 for ; Mon, 6 Mar 2006 07:41:08 +0000 (GMT) Received: from dimma.mow.oilspace.com (localhost [127.0.0.1]) by dimma.mow.oilspace.com (8.13.4/8.13.3) with ESMTP id k267f5tg001129 for ; Mon, 6 Mar 2006 10:41:05 +0300 (MSK) (envelope-from dkirhlarov@localhost.oilspace.com) Received: (from dkirhlarov@localhost) by dimma.mow.oilspace.com (8.13.4/8.13.3/Submit) id k267f5cv001128 for freebsd-stable@freebsd.org; Mon, 6 Mar 2006 10:41:05 +0300 (MSK) (envelope-from dkirhlarov) Date: Mon, 6 Mar 2006 10:41:05 +0300 From: Dmitriy Kirhlarov To: freebsd-stable@freebsd.org Message-ID: <20060306074105.GB780@dimma.mow.oilspace.com> Mail-Followup-To: freebsd-stable@freebsd.org References: <20060226081431.GA813@dimma.mow.oilspace.com> <6F9C5982-E3FB-4EC2-9890-D685F2ABCC34@nordahl.net> <845C4D29-2B82-47D5-B6AD-5BC118BDAF34@ee.ryerson.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <845C4D29-2B82-47D5-B6AD-5BC118BDAF34@ee.ryerson.ca> X-Mailer: Mutt-ng devel (2005-03-13) based on Mutt 1.5.9 X-Operating-System: FreeBSD 5.4-STABLE User-Agent: mutt-ng/devel-r581 (FreeBSD) Subject: Re: nss_ldap problem X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2006 07:41:11 -0000 On Sat, Mar 04, 2006 at 02:29:44PM -0500, David Magda wrote: > > On Mar 4, 2006, at 04:04, Frode Nordahl wrote: > > >>/etc/nsswitch.conf > >>group: ldap files > >>hosts: files dns > >>networks: files > >>passwd: ldap files > >>shells: files > >>imap: ldap > > > >Why do you have "ldap" first? I would use "files ldap" in any case so local changes > >can override the directory. > > And if there's an issue with the network, things will slow down to a crawl when the > system is waiting for the LDAP server to respond (which it won't, so you're waiting > for the time out to occur). Using this params in /usr/local/etc/{nss_,}ldap.conf can help: bind_timelimit 4 bind_policy soft idle_timelimit 8 WBR -- Dmitriy Kirhlarov OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia P:+7 495 105 7247 ext.203 F:+7 495 105 7246 E:DmitriyKirhlarov@oilspace.com OILspace - The resource enriched - www.oilspace.com