Red Hat DIRECTORY SERVER 7.1 SP7 - S Průvodce řešením problémů stáhnout pdf (Strana 115)

Miscellaneous 115



tcp_keepalive_probes

: Determines the frequency of sending TCP

keepalive

probes before

deciding a broken connection.

The

tcp_keepalive_probes

takes an integer value, recommended less than 50 depending on

your

tcp_keepalive_time

and the

tcp_keepalive_interval

values. The default is to set to 9

probes before informing the application of the broken connection.



tcp_keepalive_intvl

: Determines the duration for a reply for each

keepalive

probe. This

value is important to calculate the time before your connection has a

keepalive

death.

The

tcp_keepalive_intvl

takes an integer value, the default is 75 seconds. So, 9 probes with 75

seconds each will take approximately 11 minutes. The default values of the

tcp_keepalive_probes

and

tcp_keepalive_intvl

variables can be used to evaluate the

default time before the connection is timed out because of

keepalive

Modify these three parameters in a way that the change does not generate a lot of extra network

traffic and still solves the problem. A sample modification could be as follows (a 3-minute detection

time):



tcp_keepalive_time set -120



tcp_keepalive_probes - 3



tcp_keepalive_intvl - 20

NOTE: Be careful with the parameter settings and avoid setting the already valid connections.

The settings take effect immediately after the files are modified. You need not restart any services.

However, the settings are valid for the current session only. Once the server is re-booted, the settings

revert to the default settings.

To make the setting permanent (even after a reboot), do the following:

Add the following entries in

/etc/sysctl.conf.

 net.ipv4.tcp_keepalive_time=120

 net.ipv4.tcp_keepalive_probes=3

 net.ipv4.tcp_keepalive_intvl=20

We recommend these settings only if all the clients and servers are connected through LAN.

23.6 NDS Error, System Failure (-632) Occurs When Doing

ldapsearch for the User Objects

Import the user objects with simple password and then enable universal password for the container

where the user objects are imported. Stop the DS server and set the environment as

NDSD_TRY_NMASLOGIN_FIRST=true

and then start DS Server. When you do an ldapsearch for the user

objects, which were imported with simple password, you get the following error:

ldap_bind: Unknown error, additional info: NDS error: system failure (-632)

To resolve this issue, set the default login sequence as simple password for the container where user

objects are imported before doing ldapsearch for those user objects.

When LDAP requests NMAS to log in a user, NMAS uses the default login sequence. If you do not

specify a default login sequence for these users, then it will use the NDS sequence. If these users are

not given an NDS password when you imported them, then the NDS sequence will not work. If you

enable universal password, then the simple password will be synchronized with the NDS password

and universal password when the user logs in with the simple password.

1 2 ... 110 111 112 113 114 115 116 117 118 119 120

Komentáře k této Příručce

Žádné komentáře

Red Hat DIRECTORY SERVER 7.1 SP7 - S Průvodce řešením problémů Strana 115

Komentáře k této Příručce

Související produkty a manuály pro Telefony Red Hat DIRECTORY SERVER 7.1 SP7 - S