Hi Arthur, On 05/23/2015 06:03 PM, Arthur de Jong wrote: > Could you provide the relevant bits of nslcd.conf (leave out any > passwords) and output from nslcd -d when the error occurs? Bad news for me (and to a lesser extent to you): I just spent hours trying to reproduce the problem with a small docker setup. I could not reproduce the error using Debian squeeze as the server (oldest for maximum incompatibility) and Debian squeeze, wheezy or jessie as client. It just works...
Therefore I connected to the system that I upgraded to jessie on friday only to notice that it is now fully working. My workaround was ineffective in that puppet recreated the original nslcd.conf, but it was just working. Factoring in that the host machine of the ldap virtual machine had a disk failure today it seems that this error was actually on the server side. Probably slapd just stopped sending because of a slow disk (a disk in the RAID had gone bad but was still active with read rates in the two-digit kb/s range...). So in our case this was not a problem with nslcd but just a symptom of the breaking LDAP server. > Also, can you provide more information on which LDAP server is used? > Thanks, FWIW, the ldap server has Debian wheezy installed with the current 2.4.31-2 slapd package. So sorry that I could not help with the original problem, our problem was at a different spot. For reference, I attached a tar archive of my Docker based testbed. Maybe it is of use to somebody else... If you have docker installed and permission to run it via sudo docker ..., just run the demo.sh script. This will set up an LDAP server and client container and try to query groups from the client container. Greetings, Torsten
test-780320.tar.gz
Description: application/gzip