[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: NSS, mail.local and unavailable LDAP
On 4/21/08, Emmanuel Dreyfus <manu%netbsd.org@localhost> wrote:
> There must be a simple way of fixing this, but I have not found it yet:
> On a mail server, if accounts are stored in an LDAP directory, and if
> the LDAP servers all go down, then mail.local will think the destination
> accounts do not exist, and the mail server will start bouncing e-mails,
> because recipients do not exist.
> If the sender account is on the same server, then the DSN bounces back
> to another nonexistent user, and it gets lost. This is not very
> Of course, all the LDAP servers should not go down at the same time, but
> that can happen. It would be nice if mail.local could just wait for LDAP
> servers to become available again, retrying periodically, instead of
> returning that the user does not exists.
> How can this be acheived? nsswitch.conf does not allow retrying on the
> same source, and neither nss_ldap.conf does.
Can you set the timelimit and/or bind_timelimit to unlimited (0 for
timelimit, I'm not sure for bind_timelimit) so that nss would,
basically, never return unless it could contact the ldap server?
Main Index |
Thread Index |