Unsolved
This post is more than 5 years old
10 Posts
0
2540
Query LDAP
What service on Isilon is used to query the ldap servers? The nsswitch file has lsass. Can I query ldap to test the connection using a lsass command?
Thanks,
Greg
Unsolved
This post is more than 5 years old
10 Posts
0
2540
What service on Isilon is used to query the ldap servers? The nsswitch file has lsass. Can I query ldap to test the connection using a lsass command?
Thanks,
Greg
Top
gtjones1
10 Posts
0
July 19th, 2013 11:00
Thanks Peter
Maybe a little more clarification is required.
I'm trying to determine if my ldap servers are responding to requests. Users are intermittently reporting that they can't login and we often get errors on Isilon about ldap servers being offline. I've investigated this error and it seems to be an AD error, but I'm not certain.
I want to query LDAP through the same mechanism Isilon uses when a user authenticates to the cluster.
Hope that makes sense.
Greg
Peter_Sero
1.2K Posts
0
July 19th, 2013 11:00
You can try
id "username"
and
logins -x -m
to check individual accounts or list all accounts, resp.
Both local and LDAP accounts are listed.
-- Peter
Peter_Sero
1.2K Posts
1
July 19th, 2013 12:00
ldapsearch
does that (almost) -- it doesn't use the current LDAP settings.
Instead one has to provide server, base dn etc manually on the cmdline,
see ldapsearch -h or the docs on OpenLDAP, Main Page
-- Peter
Peter_Sero
1.2K Posts
0
July 20th, 2013 05:00
One more thing:
Did you check wether your LDAP/AD server is configured
to drop idle connections after some timeout?
We found that (Linux, OSX) clients silently reconnect
for new queries after a disconnect, but OneFS creates
an event and takes a considerable amount of time
to re-connect. During which no user lookups or
authentications are made...
-- Peter