You have been subscribed to a public bug: Binary package hint: libnss-ldapd
Since Hardy's release, when doing e kerberos connexion, a refusal to open a gdm session may occur. Error message in gdm is : "The system administrator had temporarily disabled connexion to this system". In auth.log: "nscd: nss_ldap: server is unavailable" The problem occurs in the "account" phase, when the user account information is beng pulled. The kerberos authentication is successful but the user is not know by the system. when this occurs, from another session we can do a: # getent passwd user_having_issue and we do not get a reply. After a certain time lapse, without any change to the setup, the user becomes known again. Note: during this period, other users are tested and work succesfully, which shows that the ldap server does function properly. To understand the issue better, a network trace was done and it can be seen that on the TCP connexion use by the request 1- earlier: the LDAP server sent a end tcp session packet (FIN) 2- nssldap sends back an ACK 3- nssldap continues on using this connexion that he acknoledged closing To try to go around the issue, it was tried to configure nsslap to not use persistent connexion (ldap.conf : nss_connect_policy oneshot), but once this is applied and the client rebooted, then gdm crashes consistently at each authentication try (clearly identified in syslog). The crash goes away after restoring the original config (nss_connect_policy persist). ** Affects: ubuntu Importance: Undecided Status: New ** Affects: libnss-ldap (Ubuntu) Importance: Undecided Status: New -- nscd: nss_ldap: server is unavailable https://bugs.launchpad.net/bugs/237115 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs