LDAP handle unavailable: Can't contact LDAP server
Zoran Pericic
zpericic at inet.hr
Sun Jan 9 16:44:45 EST 2011
On 12/22/2010 04:37 PM, Kevin Longfellow wrote:
> All three KDC's have messages like this around the same time:
>
> Dec 22 11:31:49 adczaa98 krb5kdc[3564](info): AS_REQ (1 etypes {1})
> 10.87.129.29: LOOKING_UP_CLIENT: \n at DEV.COM for krbtgt/DEV.COM at DEV.COM, LDAP
> handle unavailable: Can't contact LDAP server
>
> I'm wondering if the principal coming through as \n may have caused this?
If RHEL using Mozilla NSS then it could be same as
https://bugzilla.redhat.com/show_bug.cgi?id=636956
You could try add "export NSS_STRICT_NOFORK=DISABLED" line to
/etc/sysconfig/krb5kdc and /etc/sysconfig/kadmin
Best regards,
Zoran Pericic
More information about the Kerberos
mailing list