[GE users] Help with qrsh, SSH, and LDAP

David Olbersen dolbersen at nextwave.com
Tue Nov 6 23:02:10 GMT 2007


Darin,

Thank you for taking the time to help! :)

I don't really see how this could be an OS issue since I can SSH between
the boxes just fine (using passwords or keys). It's only when SGE is
involved that trouble starts.

I don't see any nss_ldap errors that aren't SGE related.
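
One way to compare the two environments would be to run the same NSS lookup from a normal SSH login and again under qrsh, then compare the timings. The following is only a minimal sketch: it assumes a Python 3 interpreter is available on the hosts (not something stated in this thread), and the helper name timed_lookup is made up for illustration.

```python
import os
import pwd
import time


def timed_lookup(uid=None):
    """Resolve a uid through NSS; return (passwd entry or None, seconds taken)."""
    if uid is None:
        uid = os.getuid()
    start = time.monotonic()
    try:
        # pwd.getpwuid goes through the sources listed in /etc/nsswitch.conf
        entry = pwd.getpwuid(uid)
    except KeyError:
        # No source (files or LDAP) could resolve this uid
        entry = None
    return entry, time.monotonic() - start


if __name__ == "__main__":
    entry, elapsed = timed_lookup()
    name = entry.pw_name if entry else "<unresolved>"
    print("uid %d -> %s in %.3f s" % (os.getuid(), name, elapsed))
```

If the lookup is fast from a plain login but slow or unresolved when started through SGE, that would point at the environment the shepherd runs in rather than at the LDAP server itself.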

nscd isn't running on the clients, so that's not it. Interestingly, if I
turn on nscd the errors go away but the connection still fails.

/etc/nsswitch.conf is set to "files ldap"; changing the order makes no
difference.
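
To double-check the lookup order on every node, something like the sketch below could print the sources per database. The sample text is an assumption that only mirrors the "files ldap" setting described above (the real file is not quoted here), and nss_sources is a hypothetical helper name.

```python
import re

# Assumed sample; the real /etc/nsswitch.conf is not shown in this thread.
SAMPLE = """\
passwd: files ldap
group:  files ldap
shadow: files ldap
"""


def nss_sources(text, database):
    """Return the ordered source list for one database, e.g. 'passwd'."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if ":" not in line:
            continue
        name, _, rest = line.partition(":")
        if name.strip() == database:
            # Remove action items such as [NOTFOUND=return]
            rest = re.sub(r"\[[^\]]*\]", " ", rest)
            return rest.split()
    return []


if __name__ == "__main__":
    for db in ("passwd", "group", "shadow"):
        print(db, nss_sources(SAMPLE, db))
```

On a real host the text would come from reading /etc/nsswitch.conf instead of SAMPLE.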

/etc/ldap.conf only has a few lines that aren't commented out:

host directory.eng.atg.nw.net
base dc=eng,dc=atg,dc=nw,dc=net
timelimit 120
bind_timelimit 120
idle_timelimit 3600
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5

/etc/openldap/ldap.conf is short as well:

HOST directory.eng.atg.nw.net
BASE dc=eng,dc=atg,dc=nw,dc=net
TLS_CACERTDIR /etc/openldap/cacerts
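
Since nss_ldap and the OpenLDAP client tools read different files, it may be worth confirming that the two agree on the server and base. A rough sketch, using the lines quoted above as input; the helper names are made up, and lower-casing the keys is a simplification for the comparison only.

```python
NSS_LDAP_CONF = """\
host directory.eng.atg.nw.net
base dc=eng,dc=atg,dc=nw,dc=net
timelimit 120
bind_timelimit 120
idle_timelimit 3600
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
"""

OPENLDAP_CONF = """\
HOST directory.eng.atg.nw.net
BASE dc=eng,dc=atg,dc=nw,dc=net
TLS_CACERTDIR /etc/openldap/cacerts
"""


def parse_ldap_conf(text):
    """Parse 'key value' lines into a dict, skipping blanks and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        settings[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return settings


def differing_keys(a, b, keys=("host", "base", "tls_cacertdir")):
    """Return the keys whose values differ between the two parsed files."""
    return [k for k in keys if a.get(k) != b.get(k)]


if __name__ == "__main__":
    diff = differing_keys(parse_ldap_conf(NSS_LDAP_CONF),
                          parse_ldap_conf(OPENLDAP_CONF))
    print("differing keys:", diff)
```

With the two files as quoted, the host, base, and CA certificate directory match, so the list of differing keys is empty.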

-- 
David Olbersen (x0623)
 

-----Original Message-----
From: Darin Perusich [mailto:Darin.Perusich at cognigencorp.com] 
Sent: Tuesday, November 06, 2007 2:36 PM
To: users at gridengine.sunsource.net
Subject: Re: [GE users] Help with qrsh, SSH, and LDAP

I am not using qrsh/ssh, but I do use LDAP for users and groups on my
Linux/Debian exec-hosts; this is an OS issue, not an SGE issue. Are you
seeing the nss_ldap errors with any other services? Also, you might want
to try disabling nscd on the clients. While it's supposed to speed
things up, I've found that it does just the opposite and causes timeouts
on Linux when used with LDAP.

Can you provide your nsswitch.conf, /etc/ldap.conf and 
/etc/openldap/ldap.conf files?

David Olbersen wrote:
> Nobody has any experience with qrsh, ssh, and LDAP?
> 
> Do I need to upgrade to 6.1?
> 
> Anybody?
> 

> And on the exechost (1 host in this queue) I see this in
> /var/log/messages
>
> Nov  5 09:54:42 node-2 sge_shepherd-1019: nss_ldap: reconnecting to LDAP server...
>
> Nov  5 09:54:42 node-2 sge_shepherd-1019: nss_ldap: reconnected to LDAP server after 1 attempt(s)
>
> I can't quite tell what's going on here and could really use some help.
> All machines run CentOS 4.4, if that's of any use. This is a lab cluster
> so I'm free to experiment. As I said above, SSH works outside.
> 

-- 
Darin Perusich
Unix Systems Administrator
Cognigen Corporation
395 Youngs Rd.
Williamsville, NY 14221
Phone: 716-633-3463
Email: darinper at cognigencorp.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net





