RE: Problems in error situations

["Howard Chu" <hyc@symas.com>]

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Riku Anttila

> I am interested in using an OpenLDAP database to replace NIS on a
> currently small but expanding cluster of Linux computers.

Welcome to the world of poor network availability and unpredictable
downtime...

> nscd and certain pam-aware programs appear to be keeping a connection
> open to the main server at all times. Is this normal and necessary?
> When something goes wrong with the connection, such as the server
> getting disconnected from the network, the programs do not recover
> along with the master server, nor do they start using a back-up server.
> A locked X session, for instance, stays locked for good, as far as I
> can help it.

The OpenLDAP client library supports an option LDAP_OPT_NETWORK_TIMEOUT which
can be used to specify how long to wait when opening a connection. That will
help in the case of new requests to a down server. Whether pam_ldap or
nss_ldap knows how to use this option is an entirely different question, and
one for a different mailing list. The delay in noticing that an existing
connection has hung is also a separate matter. Each call to ldap_result() can
take a timeout parameter, so it's up to the client (pam_ldap or nss_ldap) to
specify these values.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support