Hi all, In my slow quest to get all our Solaris boxes over to LDAP/KRB5, I'm one step away from being done. The only thing that remains is a bizarre nscd issue:
When the nscd service is on, no user can log in and no ldap lookups happen = bad When nscd is off, no user can log in and no ldap lookups can happen = bad But... When nscd is OFF, and I then do a "nscd -i passwd" and hit enter, the command seems to complete, but then I do a "ps -ef | grep nscd" and see my "nscd -i passwd" process taking up cpu time. And the bizarre thing is, LDAP/Kerberos now works, people can log in and life is dandy! But I don't want "nscd -i passwd" to always be sucking up cpu time. Also, when I kill the process, LDAP stops working again. I've tried turning on nscd, THEN doing a "nscd -i passwd", when works fine (the process completes and it doesn't remain when I do a "ps -ef"). But LDAP still can't do lookups. Ideally I'd like to use nscd but it isn't required. I just don't want it to interfere with LDAP lookups as it obviously seems to be doing. I guess I could put "nscd -i passwd" in my startup scripts somewhere but I just don't want it sucking up 5% of my cpu time on every machine all the time. Another question is, maybe I can kill the nscd cache files to fix this (instead os using "nscd -i <table>" on every cache entry)? But I don't know where nscd caches it's information... I'm hoping not in memory... I'm hoping someone will see the error of my ways and tell me what I can do to fix nscd... :) Thanks in advance for any insight! ciao, erich -- This message posted from opensolaris.org
