ali.pouya@free.fr wrote:

Full_Name: Ali Pouya Version: 2.4.8 OS: Linux 2.6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (145.242.11.3)

Hi, I'm testing the back-meta of OpenLdap 2.4.8 in order to upgrade to this release. My client opens a persistent LDAP connection to slapd, binds with an ordinary account (from the local back-bdb) and begins search operations.

I notice that if a search operation results in an LDAP error (for example error 32 : No Such Object), then back-meta opens a new connection to the target directory for the next operation, leaving the "bad" connection open.

The conn-ttl and idle-timeout parameters do not close the "bad" connections. These connections remain there until the client ends its connection.

This saturates the target servers with unused idle connections.

Is this a bug or a normal behaviour ?

I precise that The behaviour is not the same if the client binds with rootdn.

1) Can you post your slapd.conf (sanitized)?

2) What is exactly causing the error? What error is actually being returned from all targets? For back-meta, no such object has some special semantics.

Best would be if you can provide a setup that allows to reproduce the critical situation with a very simple test, involving as little targets as possible, along with the LDIF required to populate each target and the operation you used.

p.

Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------