[33082] in Kerberos
Re: LDAP handle unavailable: Can't contact LDAP server
daemon@ATHENA.MIT.EDU (Zoran Pericic)
Mon Jan 10 13:08:15 2011
From: Zoran Pericic <zpericic@inet.hr>
Date: Sun, 09 Jan 2011 22:44:45 +0100
Message-ID: <igda8d$jmj$1@ss408.t-com.hr>
Mime-Version: 1.0
X-Complaints-To: abuse@t-com.hr
In-Reply-To: <mailman.464.1293032257.20243.kerberos@mit.edu>
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 12/22/2010 04:37 PM, Kevin Longfellow wrote:
> All three KDC's have messages like this around the same time:
>
> Dec 22 11:31:49 adczaa98 krb5kdc[3564](info): AS_REQ (1 etypes {1})
> 10.87.129.29: LOOKING_UP_CLIENT: \n@DEV.COM for krbtgt/DEV.COM@DEV.COM, LDAP
> handle unavailable: Can't contact LDAP server
>
> I'm wondering if the principal coming through as \n may have caused this?
If RHEL using Mozilla NSS then it could be same as
https://bugzilla.redhat.com/show_bug.cgi?id=636956
You could try add "export NSS_STRICT_NOFORK=DISABLED" line to
/etc/sysconfig/krb5kdc and /etc/sysconfig/kadmin
Best regards,
Zoran Pericic
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
