This would likely have very little to do with puppet. If you've configured your /etc/nsswitch.conf file to look at ldap, then an ldap lookup will be made every time something user related happens. This includes launching daemon like puppet. If you are not already doing so, you may want to run nscd to cache these lookups.
-- Greg On Tue, Jul 19, 2011 at 4:29 PM, ychen <yung...@resolvity.com> wrote: > Hi, > > I installed the puppet server on a CentOS 5 box a while back. That box > is configured to authenticate users based on data stored in our > OpenLDAP server. Today I rebooted the box and found that puppetmasterd > wasn't able to start because the LDAP server went down due to recent > power outage. > > I checked the configuration settings of the puppet server in /etc/ > puppet folder and didn't find anything that would make the puppet > server aware of our LDAP server. > > In our logs, I saw the following: > 2011-07-19T18:07:30-05:00 <daemon.info> puppet puppetmasterd[1292]: > nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)... > 2011-07-19T18:07:34-05:00 <daemon.info> puppet > puppetmasterd[1292]: nss_ldap: reconnected to LDAP server ldap:// > ldap.xxxx.com > after 2 attempts > > So how can the puppet server be aware of the LDAP server anyway? How > can I disable it? Thanks. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
