nixCraft

Hi All,

I configured a LDAP server on SuSe ES9 and LDAP clients on Suse Prof 9.1 and Redhat ES 3.0 for System Authentication. I have two problems,

1) When the LDAP server is down I'm unable to login even with the local user account in the redhat ES 3.0 box.
2) On Suse Prof 9.1 box I removed the configured server from the LDAP client through YAST. After that the login is failing even with local users (including root). When I tried with rescue mode the /etc/passwd file seems to be corrupted.

Are there any solutions for these problems.

Thanks,
Vasanth

One of the dangers of centralizing authentication against an LDAP server is that if the server goes down, everything goes down. To overcome this issue, you can try redundant servers. Many ways exists to do this.

(A) Easy way - You can use round robin based DNS. Let us say you have two servers. Create master LDAP on 192.168.1.10 and Slave on 192.168.1.11 once done that create DNS entries as follows in your DNS server.
192.168.1.10 ldap.nixcraft.com – master ldpa server
192.168.1.11 ldap.nixcraft.com – slave ldap server

MASTER LDAPPlease note that master must have read / write access. And all changes must be done on master only. Master must replicate database to slave server using
Replace XXX with actual values
Slave LDAP Server
All slave LDAP servers must be read only. Edit slapd.conf for the slave and add:
This is the simple way.

2) Use of High-Availability Linux Project for LDAP, this is more sophisticated way. Read LDAP High-Availability document online at http://linuxjournal.com/article/5505

Boot into single user mode and setup new root password. You may need to remove password file. Best way is to get back your ldpa server.

Hope this helps