https://bugs.openldap.org/show_bug.cgi?id=8721
--- Comment #3 from Shawn McKinney smckinney@symas.com --- Cannot reproduce scenario.
Details:
$OpenLDAP: slapd 2.5.3
Proxy config: ``` gsfile "/var/run/openldap/slapd.args"
loglevel stats sync threads 8
### modules modulepath /opt/openldap25/lib/openldap moduleload back_meta moduleload back_ldap
### schemas include /opt/openldap25/etc/openldap/schema/core.schema include /opt/openldap25/etc/openldap/schema/cosine.schema
sizelimit unlimited timelimit unlimited
database meta suffix "" quarantine 20,+ rootdn "dc=example,dc=com" rootpw "F00F1ghters"
uri ldap://dewey/ou=Groups,dc=example,dc=com uri "ldap://louie/ou=bar,dc=example,dc=com"
access to * by * read ```
1st search (all three servers running):
``` $ ldapsearch -H ldap://huey -D "dc=example,dc=com" -w F00F1ghters -b "dc=example,dc=com" -s sub objectclass=*
# Groups, example.com dn: ou=Groups,dc=example,dc=com objectClass: organizationalUnit ou: Groups description: Group container
# foo, Groups, example.com dn: cn=foo,ou=Groups,dc=example,dc=com member: cn=service-user,ou=admin,dc=example,dc=com cn: foo objectClass: groupOfNames objectClass: top
# bar, example.com dn: ou=bar,dc=example,dc=com ou: bar objectClass: organizationalUnit objectClass: top
# bar, bar, example.com dn: cn=bar,ou=bar,dc=example,dc=com cn: bar sn: bar objectClass: person objectClass: top
# search result search: 2 result: 0 Success
# numResponses: 5 # numEntries: 4 ```
2nd search, louie not running, same search op:
``` # Groups, example.com dn: ou=Groups,dc=example,dc=com objectClass: organizationalUnit ou: Groups description: Group container
# foo, Groups, example.com dn: cn=foo,ou=Groups,dc=example,dc=com member: cn=service-user,ou=admin,dc=example,dc=com cn: foo objectClass: groupOfNames objectClass: top
# search result search: 2 result: 0 Success
# numResponses: 3 # numEntries: 2 ```
Proxy server logs shows louie has been quarantined:
``` Apr 12 16:59:41 huey slapd[110695]: conn=1004 op=1 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(objectClass=*)" Apr 12 16:59:41 huey slapd[110695]: conn=1004 op=1 meta_back_retry[1]: retrying URI="ldap://louie" DN="". Apr 12 16:59:41 huey slapd[110695]: conn=1004 op=1 meta_back_quarantine[1]: enter. ```
3rd search, louie restarted, after waiting 20 seconds:
proxy server, louie exits quarantine:
``` Apr 12 17:02:01 huey slapd[110695]: conn=1005 op=1 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(objectClass=*)" Apr 12 17:02:01 huey slapd[110695]: conn=1005 op=1 meta_back_init_one_conn[1]: quarantine retry block #0 try #0. Apr 12 17:02:01 huey slapd[110695]: conn=1005 op=1 SEARCH RESULT tag=101 err=0 qtime=0.000020 etime=0.004103 nentries=4 text= Apr 12 17:02:01 huey slapd[110695]: conn=1005 op=1 meta_back_quarantine[1]: exit. ```
search returns all results as expected:
``` # Groups, example.com dn: ou=Groups,dc=example,dc=com objectClass: organizationalUnit ou: Groups description: Group container
# foo, Groups, example.com dn: cn=foo,ou=Groups,dc=example,dc=com member: cn=service-user,ou=admin,dc=example,dc=com cn: foo objectClass: groupOfNames objectClass: top
# bar, example.com dn: ou=bar,dc=example,dc=com ou: bar objectClass: organizationalUnit objectClass: top
# bar, bar, example.com dn: cn=bar,ou=bar,dc=example,dc=com cn: bar sn: bar objectClass: person objectClass: top
# search result search: 2 result: 0 Success
# numResponses: 5 # numEntries: 4 ```