NSS, mail.local and unavailable LDAP

To: netbsd-users%netbsd.org@localhost
Subject: NSS, mail.local and unavailable LDAP
From: manu%netbsd.org@localhost (Emmanuel Dreyfus)
Date: Tue, 22 Apr 2008 05:31:56 +0200

Hello

There must be a simple way of fixing this, but I have not found it yet:

On a mail server, if accounts are stored in an LDAP directory, and if
the LDAP servers all go down, then mail.local will think the destination
accounts do not exist, and the mail server will start bouncing e-mails,
because recipients do not exist.

If the sender account is on the same server, then the DSN bounces back
to another nonexistent user, and it gets lost. This is not very
satifying.

Of course, all the LDAP servers should not go down at the same time, but
that can happen. It would be nice if mail.local could just wait for LDAP
servers to become available again, retrying periodically, instead of
returning that the user does not exists.

How can this be acheived? nsswitch.conf does not allow retrying on the
same source, and neither nss_ldap.conf does.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu%netbsd.org@localhost

Follow-Ups:
- Re: NSS, mail.local and unavailable LDAP
  - From: Emmanuel Dreyfus
- Re: NSS, mail.local and unavailable LDAP
  - From: Matthias Scheler
- Re: NSS, mail.local and unavailable LDAP
  - From: matthew sporleder

Prev by Date: QLogic lies: now it's up to you
Next by Date: Re: NSS, mail.local and unavailable LDAP
Previous by Thread: QLogic lies: now it's up to you
Next by Thread: Re: NSS, mail.local and unavailable LDAP
Indexes:

Home | Main Index | Thread Index | Old Index