[Beowulf] cluster authentication part II

Rémy Dernat remy.dernat at umontpellier.fr
Wed Jan 17 03:08:37 PST 2018


I would switch to sssd. I had many problems with nslcd (connection, 
cache...).

Best regards


On 16/01/2018 00:35, Jörg Saßmannshausen wrote:
> Dear all,
>
> reading the Cluster Authentication (LDAP,AD) thread which was posted at the
> end of last year reminds me of a problem we are having.
>
> For our Ubuntu 14 virtual machines we are authenticating against AD and I am
> using the nslcd daemon to do that.
> This is working very well in a shell, i.e. when I am doing this in a shell:
>
> $ su -l USER
>
> It is fast, it is creating the home directory if I need it (or not if I want
> to mount the file space elsewhere and use a local home) and the standard lookup
> tools like
>
> $ getent password USER
>
> are fast as well.
>
> However, and here is where I am stuck: when I want to log in to the machine
> using the GUI, this takes forever. We measures it and it takes up to 90 sec.
> until it finally works. I also noticed that it is not reading the
> /etc/nslcd.conf file but either /etc/ldap.conf or /etc/ldap/ldap.conf. The
> content of the ldap.conf file is identical with the nslcd.conf file. I am using
> TLS and not SSL for the secure connection .
> Furthermore, and here I am not sure whether it is the same problem or a
> different one, if I want to ssh into the Ubuntu VM, this also take a very long
> time (90 sec) until I can do that.
> Strangely enough, our HPC cluster is using nslcd as well (I used that
> nslcd.conf file as a template for the Ubuntu setup), authenticating against the
> same AD and that works instantaneous.
>
> Does anybody has some ideas of where to look at? It somehow puzzles me.
> I am a bit inclined to say the problem is within Ubuntu 14 as the cluster is
> running CentOS and my Debian chroot environment ist Stretch.
>
> All the best from London
>
> Jörg
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf


More information about the Beowulf mailing list