On Mon, 2 Jun 2014, Stephen Gallagher wrote:
This is the real problem. If SSSD can route to the IP address, then
we
have to proceed assuming that the LDAP server should be available
(thereby attempting to connect to it and perform online
authentication). There's really no way to determine ahead of time
whether the service is "supposed" to be available.
You may want to play with the option 'ldap_opt_timeout' (see
sssd-ldap(5)). It controls how long the OpenLDAP client libraries will
wait for a response (in your case, how long it will wait while the
packets are dropped. It defaults to 6s).
This should be a one off hit though, right? If I discover the LDAP server is
offline, I should remember this, admittedly recheck periodically, but never
cause another delay waiting for it to spring back into life. Given the way
some of these laptops are used, I'd even quite like to configure it to default
to this state.
When I last tried this (which was a while ago) these delays would happen
repeatedly, so the setup was unusable, and I had to ditch sssd on the laptop.
jh
--
John Hodrien
Specialist IT and Unix, IT
Faculty of Engineering
0113 3435471
9.26 EC Stoner