I've run into an interesting pam_ldap issue.
In my /etc/ldap.conf for pam I have two servers:
uri ldaps://ldap04.example.com ldaps://ldap03.example.com
ldap04.example.com ran out of file descriptors: we had cron restart
services at night, and the cron ulimit was 1024, even though
/etc/security/limits.conf had been raised.
The problem: pam_ldap did not fail over to ldap03.example.com. LDAP04
still answered, even though it replied with "Not listening for new
connections - too many fds open" and then closed the connection. pam_ldap
was still trying to pin against this server.
Does anyone have any suggestions of a 'fix' for this feature?
Thanks,
Dennis
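A health check for the failure mode described in the post, as an added example that is not part of the original message or of pam_ldap: it reads the `uri` line and counts a server as usable only if it completes an LDAP bind, so a server that accepts the TCP connection and then closes it is reported as down. The function names are hypothetical, and the check assumes the servers permit anonymous binds and answer with short-form BER lengths.

```python
import socket
import ssl
from urllib.parse import urlsplit

# Anonymous LDAPv3 simple BindRequest (messageID 1), BER-encoded.
BIND_REQUEST = bytes.fromhex("300c020101600702010304008000")


def parse_uris(conf_text):
    """Return the servers listed on the `uri` line of an ldap.conf."""
    for line in conf_text.splitlines():
        fields = line.split()
        if fields and fields[0].lower() == "uri":
            return fields[1:]
    return []


def is_bind_success(reply):
    """True for a BindResponse (tag 0x61) whose resultCode is success (0)."""
    # Expected bytes: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00
    return reply[5:6] == b"\x61" and reply[7:10] == b"\x0a\x01\x00"


def bind_succeeds(uri, timeout=3.0):
    """Probe one server; an accepted TCP connection alone does not count."""
    try:
        u = urlsplit(uri)
        tls = u.scheme == "ldaps"
        port = u.port or (636 if tls else 389)
        conn = socket.create_connection((u.hostname, port), timeout=timeout)
        if tls:
            ctx = ssl.create_default_context()
            conn = ctx.wrap_socket(conn, server_hostname=u.hostname)
        with conn:
            conn.sendall(BIND_REQUEST)
            return is_bind_success(conn.recv(256))
    except (OSError, ValueError):
        # Refused, timed out, reset, TLS failure, or closed right after accept.
        return False


def usable_servers(conf_text, probe=bind_succeeds):
    """Servers from the uri line that pass the probe, in configured order."""
    return [uri for uri in parse_uris(conf_text) if probe(uri)]


if __name__ == "__main__":
    # Constructed sample matching the configuration quoted in the post.
    print(usable_servers("uri ldaps://ldap04.example.com ldaps://ldap03.example.com\n"))
```

Run from monitoring, a result that omits a configured server flags the condition in the post before logins start failing.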