[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7464) ldap_back_dobind_int breaking binded user
--20cf307811d0d379c404d032d6ee
Content-Type: text/plain; charset=ISO-8859-1
Config is basic (with special timeout tests commented out) :
database ldap
suffix "o=corp"
uri ldaps://10.100.120.153
# close connection after a timeout
#idletimeout 100
# causes a cached connection to be dropped an recreated after a given ttl
#conn-ttl 4294967294
# close connection after a timeout for ldap backend
#idle-timeout 4294967294
# Discards current cached connection when the client rebinds - default to No
#single-conn no
overlay rwm
rwm-suffixmassage "o=corp" "o=int"
2012/12/6 Pierangelo Masarati <masarati@aero.polimi.it>
>
> > Full_Name: Sebastien Prune THOMAS
> > Version: slapd 2.4.31
> > OS: Linux CentOS
> > URL: ftp://ftp.openldap.org/incoming/
> > Submission from: (NULL) (206.167.157.64)
> >
> >
> > I use OpenLdap to proxy (with the module back-ldap) to a eDirectory LDAP
> > server.
> > Every once and a while I have long lasting connections re-binding as
> > anonymous,
> > breaking the actual bind.
> > This usualy happen after hitting either the idle-timeout or the conn-ttl
> > limit.
> > I wasn't able to find out what these values are when not set... but
> > setting them
> > low can help reproduce the problem :
>
> What is the configuration of back-ldap? Can you post it (after sanitizing
> sensitive info)?
>
> p.
>
> --
> Pierangelo Masarati
> Associate Professor
> Dipartimento di Ingegneria Aerospaziale
> Politecnico di Milano
>
>
--20cf307811d0d379c404d032d6ee
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div style=3D"font-family:Tahoma;font-size:13px">Config is basic (with spec=
ial timeout tests commented out) :</div><div style=3D"font-family:Tahoma;fo=
nt-size:13px">=A0</div><div style=3D"font-family:Tahoma;font-size:13px">dat=
abase =A0 =A0 =A0ldap<br>
suffix =A0 =A0 =A0 =A0 =A0 =A0"o=3Dcorp"<br>uri=A0=A0=A0=A0=A0=A0=
=A0=A0=A0=A0=A0=A0=A0 =A0 =A0<a>ldaps://10.100.120.153</a></div><div style=
=3D"font-family:Tahoma;font-size:13px">=A0</div><div style=3D"font-family:T=
ahoma;font-size:13px"># close connection after a timeout<br>
#idletimeout=A0=A0=A0=A0 100<br># causes a cached connection to be dropped =
an recreated after a given ttl<br>#conn-ttl=A0=A0=A0=A0=A0=A0=A0 4294967294=
<br># close connection after a timeout for ldap backend<br>#idle-timeout=A0=
=A0=A0 4294967294<br># Discards current cached connection when the client r=
ebinds - default to No<br>
#single-conn=A0=A0=A0=A0 no</div><div style=3D"font-family:Tahoma;font-size=
:13px"><br>overlay=A0=A0=A0=A0=A0=A0=A0=A0 rwm<br>rwm-suffixmassage "o=
=3Dcorp" "o=3Dint"</div><div class=3D"gmail_extra"><br><br><=
div class=3D"gmail_quote">2012/12/6 Pierangelo Masarati <span dir=3D"ltr">&=
lt;<a href=3D"mailto:masarati@aero.polimi.it"; target=3D"_blank">masarati@ae=
ro.polimi.it</a>></span><br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><br>
> Full_Name: Sebastien Prune THOMAS<br>
> Version: slapd 2.4.31<br>
> OS: Linux CentOS<br>
> URL: <a href=3D"ftp://ftp.openldap.org/incoming/"; target=3D"_blank">ft=
p://ftp.openldap.org/incoming/</a><br>
> Submission from: (NULL) (206.167.157.64)<br>
><br>
><br>
> I use OpenLdap to proxy (with the module back-ldap) to a eDirectory LD=
AP<br>
> server.<br>
> Every once and a while I have long lasting connections re-binding as<b=
r>
> anonymous,<br>
> breaking the actual bind.<br>
> This usualy happen after hitting either the idle-timeout or the conn-t=
tl<br>
> limit.<br>
> I wasn't able to find out what these values are when not set... bu=
t<br>
> setting them<br>
> low can help reproduce the problem :<br>
<br>
What is the configuration of back-ldap? =A0Can you post it (after sanitizin=
g<br>
sensitive info)?<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
p.<br>
<br>
--<br>
Pierangelo Masarati<br>
Associate Professor<br>
Dipartimento di Ingegneria Aerospaziale<br>
Politecnico di Milano<br>
<br>
</font></span></blockquote></div><br></div>
--20cf307811d0d379c404d032d6ee--