Bug ID 857045: LDAP system authentication may stop working

Last Modified: Apr 26, 2024

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 15.1.9,, 15.1.10,,,, 16.0.0,, 16.0.1,,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,,,, 16.1.4,,,, 17.0.0,,, 17.1.0,,,, 17.1.1,,,

Opened: Dec 03, 2019

Severity: 4-Minor


If the system daemon responsible for LDAP authentication crashes, the system will not automatically restart it, and remote LDAP authentication may stop working. In /var/log/daemon.log, you may see the following: warning systemd[1]: nslcd.service failed


System authentication stops working until nslcd is restarted.


Nslcd daemon crashed, and it fails to restart.


Manually restart nslcd daemon: systemctl start nslcd nslcd can be reconfigured to restart automatically and create core files when it crashes, though these changes will be lost across software installs (and is not backed up as part of a UCS archive): 1. Run "systemctl edit nslcd", which will open a text editor (by default, nano). 2. In the text editor, add these contents: [Service] # Allow core files LimitCORE=infinity # Try to keep auth daemon running, even if it crashes Restart=always 3. Exit the text editor and save the file 4. Check the output of "systemctl status nslcd" for any warnings/errors from systemd as a result of editing the file; there should not be any. 5. Restart nslcd: systemctl restart nslcd

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips