I have the following error in the "messages" log repeetedly.
Does anyone know this one?
Does anyone know this one?
May 12 19:22:03 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:42 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain hald[2135]: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP se...
May 12 19:35:42 mydomain hald[2135]: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:42 mydomain hald[2135]: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP se...
May 12 19:35:42 mydomain hald[2135]: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 12 19:35:44 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 13 09:11:14 mydomain smbd[24324]: nss_ldap: could not search LDAP server - Server is unavailable...
May 13 09:16:09 mydomain winbindd[16944]: nss_ldap: could not search LDAP server - Server is unavailable...
May 13 09:27:26 mydomain smbd[24324]: nss_ldap: could not search LDAP server - Server is unavailable...
May 13 09:57:20 mydomain smbd[24324]: nss_ldap: could not search LDAP server - Server is unavailable...
May 13 10:58:07 mydomain smbd[11013]: nss_ldap: could not search LDAP server - Server is unavailable...
May 13 23:59:08 mydomain smbd[30193]: nss_ldap: could not search LDAP server - Server is unavailable..
Share this post:
Responses (27)
-
Accepted Answer
Summary: slow ldap cause problems to samba, emails etc.
Moved here, due to that, the topic is different. -
Accepted Answer
Problem was (amazingly) fixed by connecting the computer to the Internet.
As it was the LDAP service that misbehaved I would very much like to see how she (the service) is connecting to the Internet.
Here is the thread that I made while having this problem.
Thread
Is it at all possible that something is connecting "home" to Clear foundation? -
Accepted Answer
I have bean happily ignoring this problem since my last post, out of sight, out of mind.
And now that has predictably bit me very hard on the ass!
Server now takes about one hour to boot, is slow and mostly unusable.
If clearos support was not so very expensive I would buy some help from them.
Does anyone have any ideas??? -
Accepted Answer
-
Accepted Answer
I have noticed I get these errors in my log. Should I be worried or just ignore them
Dec 7 15:10:01 fs1 saslauthd[4222]: Retrying authentication
Dec 7 15:15:02 fs1 saslauthd[4219]: Retrying authentication
Dec 7 15:20:01 fs1 saslauthd[4223]: Retrying authentication
Dec 7 15:22:00 fs1 saslauthd[4224]: Retrying authentication
Dec 7 15:22:00 fs1 saslauthd[4219]: Retrying authentication
Dec 7 15:25:02 fs1 saslauthd[4223]: Retrying authentication
Dec 7 15:30:01 fs1 saslauthd[4222]: Retrying authentication
Dec 7 15:35:02 fs1 saslauthd[4220]: Retrying authentication
Dec 7 15:40:02 fs1 saslauthd[4222]: Retrying authentication
Dec 7 15:45:02 fs1 saslauthd[4219]: Retrying authentication
Dec 7 15:50:02 fs1 saslauthd[4220]: Retrying authentication
Dec 7 15:55:02 fs1 saslauthd[4224]: Retrying authentication
Dec 7 16:00:02 fs1 saslauthd[4219]: Retrying authentication
Dec 7 16:05:01 fs1 saslauthd[4220]: Retrying authentication -
Accepted Answer
Hello everyone,
After digesting this thread I think there are two issues going on here.
1.) The LDAP error occuring at boot up because the LDAP server is not running yet.
2.) nss_ldap and saslauthd error during normal operations (after boot up is complete).
I have two server running in a production environment and both are havving these issues. I am not so concerned about the boot up one but the other one is a problem.
Every ten minutes or so I get the error string:
Sep 8 18:30:01 server saslauthd[5592]: Retrying authentication
Sep 8 18:33:34 server smbd[20367]: nss_ldap: could not search LDAP server - Server is unavailable
Sep 8 18:33:40 server smbd[11403]: nss_ldap: could not search LDAP server - Server is unavailable
Sep 8 18:35:01 server saslauthd[5595]: Retrying authentication
Sep 8 18:38:10 server saslauthd[5594]: Retrying authentication
Sep 8 18:38:20 server saslauthd[5592]: Retrying authentication
I would realy like to get this resolved.
Does anyone have any ideas?
Thank you in advance for your help.
KEvin -
Accepted Answer
-
Accepted Answer
nuke, john, teitur,
Not entirely a solution but this tip may be helpful in debugging -
Not sure if you made this change to your /etc/init.d/sshd
# chkconfig: 2345 26 74
instead of
# chkconfig: 2345 55 25
and re-chkconfig'ed the sshd service.
This helped me investigate things better by allowing me to ssh into the system and watch the logs while ldapsync i.e. the kolab service is started just after ldap. This service used to take a lot of time for me to start and during this time we had no choice but to merely wait until I made the above change.
I am also seeing a lot of these messages in my messages logs. -
Accepted Answer
Well that didn't fix anything.
It would appear from the following linkClarkconnect Bug ID 733 that the issue is still outstanding.
I'll continue to do some searching. -
Accepted Answer
Hi John.
The change is made in the ldap config file. slapd is the daemon that is run. The idea of the change is to allow ldap to restart earlier so it is found by the other processes.
You may wish to also look at saslauthd: Retrying authentication
I added the "/" to the end of the line mentioned in both the template (located at /etc/openldap/templates/saslauthd.conf.template) and the /etc/saslauthd.conf files. Then did a service ldap restart.
Now I will see if the error disappears and report back. -
Accepted Answer
I finally got around to looking at the stuff Nuke posted and while it doesn't seem to apply to ClearOS directly I gave it a shot just to see. First on my box there is no /etc/rc.d/init.d/slapd but rather /etc/rc.d/init.d/ldap so tried making the changes to that file. I'm not an expert on this start up stuff but it seems as if the line we are to change is actually a comment so I'm not sure how changing that line makes a difference.
After the change I went through the other steps listed to get the timing all registered. BTW, when comments 67 & 68 were mentioned above I assume we were referring to the Red Hat Bugzilla – Bug 186527 page - hope that's right.
The change didn't seem to fix much but did generate more errors:
... dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable
... dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP server
So, I switched things back.
I originally started looking into this since browsing the network can be rather slow. Users complained that they couldn't always see the server so I thought there may be some connection between that and the errors I was seeing.
Teitur, unfortunately I don't think my experiment has helped you out much. I'm a little bit over my experience level here so if anyone has some thoughts I'd love to hear them.
John -
Accepted Answer
-
Accepted Answer
Im to much of a chicken to try Nuke's fix. And im not sure that will fix these errors except the boot time errors...?
Anyway, these specific errors seem to be fixed, by adding
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org
to ntp.conf in /etc
Can you please try this (and restart the ntp service) with your server John, I would love to know if this was simply the case.
But now im getting this error every 5 minutes.
May 20 03:15:03 mydomain saslauthd[3715]: Retrying authentication
May 20 03:20:02 mydomain saslauthd[3718]: Retrying authentication
May 20 03:25:02 mydomain saslauthd[3713]: Retrying authentication
May 20 03:30:03 mydomain saslauthd[3719]: Retrying authentication
May 20 03:35:02 mydomain saslauthd[3715]: Retrying authentication
May 20 03:40:02 mydomain saslauthd[3717]: Retrying authentication -
Accepted Answer
-
Accepted Answer
Have you checked to see if the LDAP server is dying, or perhaps can not be reached because it is too busy searching or tryiing to answer earlier queued requests?
Find out if LDAP is running by executing:
service ldap status
If LDAP is running, verify that nss_ldap can communicate with it by executing:
getent passwd
If this returns the list of users that are in LDAP (non system accounts), the problem is most likely a problem with LDAP being overloaded, or has some other operational problem.
The above is a start to help you to diagnose where the problem may be. It is entirely likely that the solution will be simple once we can identify the cause.
Cheers,
John T. -
Accepted Answer
Teitur, please check a few things. I got confused when reading the recommended solution and maybe you did the same thing that I did. By mistake I put those lines into the slapd file.
I think this is OK to do on ClearOS because it is a CentOS/RedHat derivative. Also, I found the same issue on each website that reports bugs. You can see it by doing a Google search on: "dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP server"
I think that we are supposed to do:
1) The first part of that solution is to make a change in line that shows chkconfig: in the /etc/rc.d/init.d/slapd.
Then you have to save that file. If you don't do the next two lines, you won't change the boot order of ldap so the fix won't work.
2) Finally as root type the other two lines on the command line. The "chkconfig --del slapd" removes all the slapd from all the rc.d/init.d/ directories. ie. removes the slapd from the various runtime startups.
From the man page:
chkconfig --del name
The service is removed from chkconfig management, and any symbolic links in /etc/rc[0-6].d which pertain
to it are removed.
The final line "chkconfig slapd on" puts the slapd back into the rc.d/init.d/ directories in the new start-up order. I think one could also type "chkconfig --level 345 slapd on". From what I read in the man this might be better. Anyone of the gurus please comment if this is correct.
3) Finally check that it is in the right runtimes by running:
chkconfig --list ldap
The clean install has
ldap 0ff 1ff 2ff 3n 4n 5n 6ff
I hope this helps. -
Accepted Answer
Now the logs are clean when the server is running.
But this error still comes during boot.
So I guess I have to implement "nukes" soulution.
Change the chkconfig line in /etc/rc.d/init.d/slapd to read:
# chkconfig: - 12 73
Then do:
# chkconfig --del slapd
# chkconfig slapd on
This ensures slapd starts after networking and before anything that hangs
without it.
Is this command OK for ClearOS?
May 14 19:38:22 mydomain smbd[28366]: nss_ldap: could not search LDAP server - Server is unavailable...
May 14 20:33:34 mydomain smbd[28366]: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:14 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain hald[2237]: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP se...
May 15 02:12:14 mydomain hald[2237]: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:14 mydomain hald[2237]: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP se...
May 15 02:12:14 mydomain hald[2237]: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://localhost: Can't contact LDAP s...
May 15 02:12:16 mydomain dbus-daemon: nss_ldap: could not search LDAP server - Server is unavailable...
-
Accepted Answer
Nope, this is happening every so often. No directly related to restarts.
[root@mydomain log]# ldapsync
running full LDAP synchronization
restarting LDAP server
Stopping slapd: [ OK ]
Starting slapd: [ OK ]
restarting authentication server
Stopping saslauthd: [ OK ]
Starting saslauthd: [ OK ]
synchronizing configuration
synchronizing daemons with domain mydomain.lan
synchronizing Samba file and print services
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
synchronizing Samba netbios services
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]
synchronizing POP/IMAP mail
Shutting down cyrus-imapd: [ OK ]
Exporting cyrus-imapd databases: [ OK ]
Importing cyrus-imapd databases: [ OK ]
Starting cyrus-imapd: [ OK ]
synchronizing SMTP mail
Reloading postfix: [ OK ]
synchronizing webmail
synchronizing web proxy
synchronizing FTP
Reloading proftpd: [ OK ]
synchronizing antivirus
[root@mydomain log]# service ldap restart
Stopping slapd: [ OK ]
Starting slapd: [ OK ]
Seems to work.
But Ill keep an eye on the logs.
Thank you. -
Accepted Answer
-
Accepted Answer
I came across this error today while trying to get netatalk running.
I get the same error.
It appears that this is a know issue in the Redhat/CentOS community. Please see bugs:
Fedora closed even though still open at Redhat
Bug 502072
Bug 182464 and Bug 186527
It looks like the easiest fix to this is to start ldap earlier in the startup.
In particular look at comment 67 and 68.
I'm a bit too much of a newbie to know what this is all about but I think I will manually change the /etc/rc.d/init.d/ldap file to show the change in Comment 68. What I don't know is how to get this change to propagate into the various runlevels (if that is what it is supposed to do) and how to make sure that this change gets reflected with any updates coming down the pipe via the normal ClearOS updates.
Thanks in advance for any help and suggestions. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »