Issue 7818 - back-ldap: err=52 - unsuccessful bind due to lack of unbind
Summary: back-ldap: err=52 - unsuccessful bind due to lack of unbind
Status: UNCONFIRMED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: backends (show other issues)
Version: 2.4.39
Hardware: All All
: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-11 10:38 UTC by maciej.uhlig@us.edu.pl
Modified: 2020-03-20 18:39 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this issue.
Description maciej.uhlig@us.edu.pl 2014-03-11 10:38:08 UTC
Full_Name: Maciej Uhlig
Version: 2.4.39
OS: CentOS release 6.5 (Final)
URL: http://usnet.us.edu.pl/files/openldap/err52.txt
Submission from: (NULL) (155.158.97.72)


There are two OpenDJ servers and one OpenLDAP server. OpenLDAP server acts as a
proxy to OpenDJ servers. OpenLDAP server is used by Dovecot mailbox server (here
LDAP client) for user authentication.

                  /---OpenDJ1
Dovecot---OpenLDAP
                  \---OpenDJ2
				  
OpenLDAP server runs 2.4.39 software. The problem is observed during OpenLDAP
and OpenDJ servers interaction. Users can't send their mail. Dovecot server logs
"ldap_bind() failed: Server is unavailable". OpenLDAP server logs "err=52".
Restart of OpenLDAP server is required to resume normal operation. 

Analysis of OpenDJ log shows:
- conn=40822 (correct) takes not more than one second
- conn=40823 (incorrect) takes more than eleven minutes (it persists until
OpenLDAP server is stopped)

Analysis of OpenLDAP log shows:
- op=29970 (conn=40822 in OpenDJ server) ends with err=0
- op=29972 (conn=40823 in OpenDJ server) ends with err=0
- op=29976 (not seen in OpenDJ server) ends with err=52
- similarly op=29979 and all subsequent end with err=52

Looks like OpenLDAP server doesn't unbind (eleven minutes above) from OpenDJ
server. Instead it tries to make next bind which is unsuccesful (err=52).