Bug ID 857045: LDAP system authentication may stop working

Last Modified: Jun 30, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3

Opened: Dec 03, 2019
Severity: 4-Minor

Symptoms

If the system daemon responsible for LDAP authentication crashes, the system will not automatically restart it, and remote LDAP authentication may stop working. In /var/log/daemon.log, you may see the following: warning systemd[1]: nslcd.service failed

Impact

System authentication stops working until nslcd is restarted.

Conditions

Nslcd daemon crashed, and it fails to restart.

Workaround

Manually restart nslcd daemon: tmsh start sys service nslcd nslcd can be reconfigured to restart automatically and create core files when it crashes, though these changes will be lost across software installs (and is not backed up as part of a UCS archive): 1. Run "systemctl edit nslcd", which will open a text editor (by default, nano). 2. In the text editor, add these contents: [Service] # Allow core files LimitCORE=infinity # Try to keep auth daemon running, even if it crashes Restart=always 3. Exit the text editor and save the file 4. Check the output of "systemctl status nslcd" for any warnings/errors from systemd as a result of editing the file; there should not be any. 5. Restart nslcd: systemctl restart nslcd

Fix Information

None

Behavior Change