NSCD and Error 91-Can't connect to the LDAP server

Discussion created by masvi10 Employee on Jan 3, 2012
Latest reply on Jan 3, 2012 by Chris_Hackett

Tuesday Tip by Hongxu Liu, Senior Support Engineer, for 1-3-2012

NSCD and Error 91-Can't connect to the LDAP server

This is a very unique situation, only happens on Linux, and when NSlookup has to return a large number of VIPs (virtual IP’s) for the same LDAP server.

In Linux (as in other Unix systms), there is a service called NSCD. It is a daemon that provides cache for the most common name service requests.

/usr/sbin/nscd - Name Service Cache Daemon.

This daemon impacts how SiteMinder resolves an actual host IP of the LDAP.

The 'Error 91-Can't connect to the LDAP server' in the smps log (screen Error 29 : Not able to contact user directory) could be partially due to the size limitation of NSlookup (when the lookup result is large) as well as due to the cache resource size provided by the NSCD, -- which results in mixed behavior during the user directory connection testing.

Disabling the NSCD process resolves this error.