The name service cache daemon has some serious flaws. One that I notice pretty often in Linux arises when you are using LDAP. It seems that nscd will crash and burn when/if ldap is unavailable. Unfortunately when nscd bombs, it usually takes the entire system with it. Actually what will happen is nscd sockets will start getting broken pipe's and becoming stale until you have several nscd. Eventually your system will slow to a halt. Mind you the box hasn't crashed, but the box is in a dos state. If you do an '$# netstat -an' you'll notice several entries...

Read More

LDAP has been around for over a decade, and yet it is still considered a newer technology.  Many modern vendors have added LDAP authentication.  This document is a brief generic howto for configuring linux to use LDAP.  This will be a fairly detailed recipe as most of my docs are. Linux Name Services Name Server Switch is the engine that really enables Linux to harness LDAP. In linux you have two different ldap.conf files that the modules and services use to configure their ldap communications '/etc/ldap.conf' and '/etc/openldap/ldap.com'. The first gives the dn's for passwd, group and sudoers. You can also specify...

Read More