[Date Prev][Date Next]
Re: slapd-meta doesn't continue with multiple uri's
> On 14/08/2012 17:18, firstname.lastname@example.org wrote:
>>> If I remove host1 after the LDAP server has started, the debug
>>> output is at least different. It's attempting to contact host1,
>>> failing, doubling the timeout and trying again continuously, never
>>> attempting to try host2 or host3.
>> The timeout you see is an internal timeout used for each poll on a
>> target's connection. It keeps doubling when the connection is valid
>> but nothing comes. Did you actually kill host1, or just stopped it?
> In the first case (host1 down when LDAP starts), I was testing by
> pointing at a host which has no LDAP service running on it at all,
> although the host itself was up.
> In the second case (host1 down after LDAP starts), I was using a proper
> target (an AD domain controller) and setting an iptables rule to prevent
> outbound traffic to it:
> iptables -A OUTPUT -d host1 -j DROP
>> In the latter case, the connection is not dead, it's just returning
>> nothing. You need to kill the process (or let it timeout using the
>> "timeout" directive).
> Which timeout directive? I've already set network-timeout in the config
> for slapd-meta, and setting bind-timeout doesn't help either. I have no
> control over the configuration of the targets.
bind-timeout and network-timeout have specific, connection-level meaning.
Just "timeout <seconds>" (you can make it search-specific if you don't
want it to affect other operations, using "timeout search=<seconds>".