Thursday, August 25, 2011

NSS_LDAP timeout towards Active Directory

Suffering from LDAP timeouts on Unix, where the client thought it still had a TCP connection to Active Directory LDAP, but it didn't really?

For example:
"nss_ldap: reconnected to LDAP server ldap://ad.in.company.com/"
or...
"nscd: nss_ldap: could not search LDAP server - Server is unavailable"

Here's one possible solution: increase the idle timeout in the Active Directory LDAP policies. By default it is 900 seconds.
(ref: http://support.microsoft.com/kb/315071)

> ntdsutil.exe
: LDAP Policies
: connections
: connect to server ad.in.company.com
: q
: Show Values
: set MaxConnIdleTime to 129600
: Show Values
: Commit Changes
: Show Values
: q
: q

This affects all DCs (as far as I can tell).


Now create a cron job in Unix to query the Active Directory (i.e. getent passwd) at an interval of less than MaxConnIdleTime.
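
A keepalive script for the cron job described above, as an added example that is not part of the original post. The 3600-second interval, the 30-second lookup timeout, the script path, the "run" argument and the use of the coreutils `timeout` command are assumptions; 129600 is the MaxConnIdleTime value set earlier.

```shell
#!/bin/sh
# Added example: keepalive lookup intended to be run from cron.
# Assumed values: INTERVAL and LOOKUP_TIMEOUT are illustrative; MAX_CONN_IDLE
# must match the MaxConnIdleTime committed on the domain controller.
MAX_CONN_IDLE=${MAX_CONN_IDLE:-129600}   # seconds, as set via ntdsutil
INTERVAL=${INTERVAL:-3600}               # cron period in seconds (assumed)
LOOKUP_TIMEOUT=${LOOKUP_TIMEOUT:-30}     # give up on a hung lookup (assumed)

# Succeeds only if the cron period is positive and below the idle timeout.
interval_ok() {
    [ "$1" -gt 0 ] 2>/dev/null && [ "$1" -lt "$2" ] 2>/dev/null
}

# Run a lookup command under a hard time limit (coreutils `timeout`), so a
# connection that is silently dead cannot leave cron jobs piling up.
# Returns 0 = answered, 1 = lookup failed, 2 = timed out.
keepalive() {
    status=0
    timeout "$LOOKUP_TIMEOUT" "$@" >/dev/null 2>&1 || status=$?
    case $status in
        0)   return 0 ;;
        124) return 2 ;;   # exit code `timeout` uses when the limit is hit
        *)   return 1 ;;
    esac
}

main() {
    if ! interval_ok "$INTERVAL" "$MAX_CONN_IDLE"; then
        echo "interval ${INTERVAL}s is not below MaxConnIdleTime ${MAX_CONN_IDLE}s" >&2
        return 3
    fi
    rc=0
    keepalive getent passwd || rc=$?
    if [ "$rc" -ne 0 ]; then
        logger -t ad-keepalive "getent passwd failed, code $rc"
    fi
    return "$rc"
}

# Example crontab line (hypothetical path), hourly to match INTERVAL:
#   0 * * * * /usr/local/sbin/ad-keepalive.sh run
if [ "${1:-}" = "run" ]; then
    main
    exit $?
fi
```

Failures and timeouts go to syslog under the ad-keepalive tag, which gives something to correlate with the nss_ldap messages quoted at the top.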

Monday, April 11, 2011

Cross platform shell script / batch file (Windows NT & Unix)

Here's a neat little hack I've come up with to script across both Windows and Unix.

It requires a ".bat" extension under Windows, and the execute bit set under Unix.

It uses the GOTO command in Windows to skip the Unix part, and it abuses the stderr redirect in Unix to effectively ignore the Windows IF and GOTO commands on line 1.


if %OS% == Windows_NT goto WINDOWS
then
:
## Hack to make a cross-OS compatible script
fi 2> /dev/null

# ------------------------------------------------------------------------------
# Unix execution
# ------------------------------------------------------------------------------

NAME=$0
NAME=${NAME%.bat}
NAME=${NAME##*/}

echo "My name is ${NAME}, and I work in Unix environments"

exit

# ------------------------------------------------------------------------------
# Windows execution
# ------------------------------------------------------------------------------

:WINDOWS
@echo off

set NAME=%~n0

echo My name is %NAME%, and I work in Windows NT environments

rem ------------------------------------------------------------------------------