<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Apr 11, 2013 at 11:02 AM, heasley <span dir="ltr"><<a href="mailto:heas@shrubbery.net" target="_blank">heas@shrubbery.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Wed, Apr 10, 2013 at 04:36:34PM -0400, Asif Iqbal:<br>
<div class="im">> On Mon, Apr 8, 2013 at 4:58 PM, heasley <<a href="mailto:heas@shrubbery.net">heas@shrubbery.net</a>> wrote:<br>
><br>
> > Mon, Apr 08, 2013 at 03:06:34PM -0400, Asif Iqbal:<br>
> > > Hi<br>
> > ><br>
> > > I am failing to login to router, intermittently, as it drops to Password:<br>
> > > prompt, hence failing to communicate with the T+ (F4.0.4.26) running on<br>
> > > Ubuntu 10.04.4 LTS<br>
> > ><br>
> > > Here is the error I am getting when this happens<br>
> > ><br>
> > > Apr 8 18:35:00 tacacs-01 tac_plus[12341]: <a href="http://router1.example.net" target="_blank">router1.example.net</a> tty3: fd<br>
> > 2<br>
> > > eof (connection closed)<br>
> > > Apr 8 18:35:00 tacacs-01 tac_plus[12341]: Read -1 bytes from<br>
> > > <a href="http://router1.example.net" target="_blank">router1.example.net</a> tty3, expecting 12<br>
> > > Apr 8 18:35:00 tacacs-01 tac_plus[12341]: Error router1.example.nettty3:<br>
> > > Null reply packet, expecting CONTINUE<br>
> ><br>
> > it looks like the device thinks that the tty closed; ie: the user<br>
> > disconnected.<br>
> ><br>
><br>
> We are using pam_ldap for authentication and I see few errors like these<br>
><br>
> nslcd[19201]: [23d03c] failed to bind to LDAP server ldaps://<br>
> <a href="http://192.168.1.10:636" target="_blank">192.168.1.10:636</a> Can't contact LDAP server: Connection reset by peer<br>
><br>
> nslcd[19201]: [36cb51] ldap_result() failed: Can't contact LDAP server<br>
><br>
> I wonder if those are the real culprit for the connection closed error<br>
<br>
</div>probably. if you can, try testing with an alternative source or a different<br>
ldap server.<br></blockquote><div><br></div><div style>idle_timelimit 100 on nslcd.conf improved it. Lot less ldap_result() failed;</div><div style><br></div><div style>suggestion was inspired by this bug report.</div><div style>
<br></div><div style><a href="https://bugs.launchpad.net/ubuntu/+source/nss-pam-ldapd/+bug/1074213">https://bugs.launchpad.net/ubuntu/+source/nss-pam-ldapd/+bug/1074213</a><br></div><div style><br></div><div style><br></div>
</div><br clear="all"><div><br></div>-- <br>Asif Iqbal<br>PGP Key: 0xE62693C5 KeyServer: <a href="http://pgp.mit.edu">pgp.mit.edu</a><br>A: Because it messes up the order in which people normally read text.<br>Q: Why is top-posting such a bad thing?<br>
<br>
</div></div>