[Date Prev][Date Next] [Chronological] [Thread] [Top]
(ITS#4425) idle-timeout

To: openldap-its@OpenLDAP.org
Subject: (ITS#4425) idle-timeout
From: fred2261@hotmail.com
Date: Mon, 6 Mar 2006 14:18:01 GMT
Full_Name: Fred Schmallborn
Version: 2.3.19
OS: AIX 5.2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (192.109.190.88)


I'm using the ldap backend to proxy some DN's to a corporate LDAP Server.
The requests to the corporate LDAP are configured to use only USER binds.

In the slapd.conf, there ist configured to have "idle-timeout 30".

For the BIND of the first user this is working fine - after 30 seconds the two
connections to the corporate LDAP are closed.

The BIND connections of the second user are not closed.

- The slapd.conf part for LDAP proxy:

database        ldap
suffix          "ou=people,dc=corpldap,dc=com"
uri             "ldap://corpldap.com:3892/";
idle-timeout 30


- after the first user "myuser1" is connected:
> netstat -a | grep corpldap
tcp4       0      0  ipnetmg5c1.muc.46110   corpldap.muc.3892         
ESTABLISHED
tcp4       0      0  ipnetmg5c1.muc.46111   corpldap.muc.3892         
ESTABLISHED

- after the second user "myuser2" is connected:
> netstat -a | grep laas
tcp4       0      0  ipnetmg5c1.muc.46110   corpldap.muc.3892         
ESTABLISHED
tcp4       0      0  ipnetmg5c1.muc.46111   corpldap.muc.3892         
ESTABLISHED
tcp4       0      0  ipnetmg5c1.muc.46126   corpldap.muc.3892         
ESTABLISHED
tcp4       0      0  ipnetmg5c1.muc.46128   corpldap.muc.3892         
ESTABLISHED

- 30 secconds later (this connections are remaining forever):
> netstat -a | grep laas
tcp4       0      0  ipnetmg5c1.muc.46126   corpldap.muc.3892         
ESTABLISHED
tcp4       0      0  ipnetmg5c1.muc.46128   corpldap.muc.3892         
ESTABLISHED


- In the syslog file:

Mar  6 14:48:02 ipnetmg5 slapd[745648]: slapd starting
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 fd=8 ACCEPT from
IP=127.0.0.1:46108 (IP=0.0.0.0:389)
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 fd=9 ACCEPT from
IP=127.0.0.1:46109 (IP=0.0.0.0:389)
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=0 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=0 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=0 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=0 RESULT tag=97 err=0 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=1 SRCH
base="ou=People,dc=corpldap,dc=com" scope=2
 deref=3 filter="(&(objectClass=*)(uid=myuser1))"
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=1 SRCH attr=uid
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=0 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=0 RESULT tag=97 err=0 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=1 SRCH
base="ou=People,dc=corpldap,dc=com" scope=2
 deref=3 filter="(&(objectClass=*)(uid=myuser1))"
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=1 SRCH attr=uid
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=1 SEARCH RESULT tag=101 err=0
nentries=1 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=2 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=2 BIND
dn="uid=myuser1,ou=people,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=1 SEARCH RESULT tag=101 err=0
nentries=1 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=2 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=2 BIND
dn="uid=myuser1,ou=people,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=2 BIND
dn="uid=myuser1,ou=people,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=2 RESULT tag=97 err=0 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=3 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=3 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=2 BIND
dn="uid=myuser1,ou=people,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=2 RESULT tag=97 err=0 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=3 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=3 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=3 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=1 op=3 RESULT tag=97 err=0 text=
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=3 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:22 ipnetmg5 slapd[745648]: conn=0 op=3 RESULT tag=97 err=0 text=
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=7 SRCH
base="ou=People,dc=corpldap,dc=com" scope=2
 deref=3 filter="(&(objectClass=*)(uid=myuser2))"
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=7 SRCH attr=uid
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=8 SRCH
base="ou=People,dc=corpldap,dc=com" scope=2
 deref=3 filter="(&(objectClass=*)(uid=myuser2))"
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=8 SRCH attr=uid
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=8 SEARCH RESULT tag=101 err=0
nentries=1 text=
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=9 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=9 BIND
dn="uid=myuser2,ou=people,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=9 BIND
dn="uid=myuser2,ou=people,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=9 RESULT tag=97 err=0 text=
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=10 BIND anonymous
mech=implicit ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=10 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=c
om" method=128
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=7 SEARCH RESULT tag=101 err=0
nentries=1 text=
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=8 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=8 BIND
dn="uid=myuser2,ou=people,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=8 BIND
dn="uid=myuser2,ou=people,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=8 RESULT tag=97 err=0 text=
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=9 BIND anonymous mech=implicit
ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=9 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" method=128
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=10 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=c
om" mech=SIMPLE ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=1 op=10 RESULT tag=97 err=0 text=
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=9 BIND
dn="uid=myuser1,ou=People,dc=corpldap,dc=co
m" mech=SIMPLE ssf=0
Mar  6 14:48:51 ipnetmg5 slapd[745648]: conn=0 op=9 RESULT tag=97 err=0 text=
Mar  6 14:49:36 ipnetmg5 slapd[745648]: conn=0 fd=8 closed (idletimeout)
Mar  6 14:49:36 ipnetmg5 slapd[745648]: conn=1 fd=9 closed (idletimeout)


Best Regards
Fred
Prev by Date: Re: (ITS#4418) slapd stops responding
Next by Date: Re: (ITS#4422) Client connecting with multiple certificates
Index(es):
- Chronological
- Thread