NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: NSS, mail.local and unavailable LDAP

On 4/21/08, Emmanuel Dreyfus <> wrote:
> Hello
>  There must be a simple way of fixing this, but I have not found it yet:
>  On a mail server, if accounts are stored in an LDAP directory, and if
>  the LDAP servers all go down, then mail.local will think the destination
>  accounts do not exist, and the mail server will start bouncing e-mails,
>  because recipients do not exist.
>  If the sender account is on the same server, then the DSN bounces back
>  to another nonexistent user, and it gets lost. This is not very
>  satifying.
>  Of course, all the LDAP servers should not go down at the same time, but
>  that can happen. It would be nice if mail.local could just wait for LDAP
>  servers to become available again, retrying periodically, instead of
>  returning that the user does not exists.
>  How can this be acheived? nsswitch.conf does not allow retrying on the
>  same source, and neither nss_ldap.conf does.

Can you set the timelimit and/or bind_timelimit to unlimited (0 for
timelimit, I'm not sure for bind_timelimit) so that nss would,
basically, never return unless it could contact the ldap server?

Home | Main Index | Thread Index | Old Index