[Date Prev][Date Next] [Chronological] [Thread] [Top]

time limit on non-idle connections?

I'd like to shut down my individual load-balanced ldap servers gently so
that well-behaved users don't see errors by getting kicked off, but it
seems that there are some evil clients creating persistent connections by
reissuing a SRCH base="" scope=0 deref=0 filter="(objectClass=*)" just
under the idletimeout.  The only other time limit I see that I can
configure is timelimit which, according to the man page, specifies the
"maximum number of seconds (in real time) slapd  will  spend  answering  a
search  request"

Is there a way with OpenLDAP 2.2.23 to enable gentlehup and still be able
to guarantee that the server will eventually close all connections and
shut down one way or the other?

Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342