tags 596983 + pending thanks On Wed, 2010-09-15 at 18:36 +0200, Matthias Wamser wrote: > i wanted to replace my libnss-ldap setup by libnss-ldapd. At first > sight it seems to work like a charm. > > Response times were even without nscd much better than before, but > fallback to secondary ldap server does not work as expected. > > If i block all request on the first ldap server by iptables i always > get a timeout from nscld: > nslcd: [b127f8] ldap_result() timed out
This is indeed a bug in nslcd, thanks for pointing it out. Timeouts from ldap_result() did not result in a disconnect from the LDAP server. This has been fixed in the development version. I don't think a fix for lenny is feasible, I will try to get this fix in squeeze though. Btw, I'm not 100% sure if a severing network connection with iptables simulates a typical network failure. I haven't run into this issue before in environments I manage. Anyway, thanks again for pointing this out. -- -- arthur - adej...@debian.org - http://people.debian.org/~adejong --
signature.asc
Description: This is a digitally signed message part
