Re: ldapsearch returns Could not create LDAP session handle (3): Time limit exceeded

[Buchan Milne <bgmilne@staff.telkomsa.net>]

On Thursday 28 February 2008 10:29:26 Pierangelo Masarati wrote:
> Buchan Milne wrote:
> > On Wednesday 27 February 2008 23:12:42 Brooks Campbell wrote:
> >> We upgraded some client servers from RedHat ES3U4 to Redhat ES4U2 and
> >> now the ldapsearch string we used in our monitoring software to check if
> >> the customers openldap server is working is returning errors.
> >>
> >> We were using:
> >>
> >> ldapsearch -x -H ladps://host.domain.com:636
> >
> > The URI is obviously incorrect here, would you mind posting the *exact*
> > URI you are using?
>
> Probably it's *exact* enough: this is what happens with a "modern"
> ldapsearch:
>
> ldapsearch -x -H ladps://host.domain.com:636
> Could not parse LDAP URI(s)=ladps://host.domain.com:636 (3)
>
> Note that (3) is LDAP_URL_ERR_BADSCHEME, as detected by modern libldap,
> but (3) also corresponds to timelimitExceeded; probably, OpenLDAP 2.2.13
> was mixing error codes.

Indeed:

# time ldapsearch -V -x -H ladps://$server:636
ldapsearch: @(#) $OpenLDAP: ldapsearch 2.2.13 (Apr 24 2006 23:01:59) $
        
root@hs20-bc1-2.build.redhat.com:/usr/src/build/738767-x86_64/BUILD/openldap-2.2.13/openldap-2.2.13/build-clients/clients/tools
        (LDAP library: OpenLDAP 20213)
Could not create LDAP session handle (3): Time limit exceeded

real    0m0.002s
user    0m0.001s
sys     0m0.001s


However, for something as trivial as this, I don't think an upgrade is 
warranted, fixing the typo would be better, or maybe using a real monitoring 
system ....

Regards,
Buchan