hyc@symas.com wrote:

The proxycache has nothing to do with the connections to the remote server. That's handled by the back-ldap or whatever backend you're using. Since you haven't provided any of the relevant config info from your slapd.conf there's no way to tell what you're doing there.

In fact your log shows that a Bind was performed on the retry, but it was done anonymously. So it may be something as simple as a missing config keyword (like rebind-as-user in back-ldap). Or it may possibly be related to a bug in back-ldap's retry handling as Pierangelo mentioned in his reply to you.

There is no proxycache bug here. At the moment, without further details, it doesn't seem there's any OpenLDAP software bug here at all.

I've made a couple of checks with re23 making connections timeout at the remote server's side, and retry works as expected. As far as I remember, the retry issues I mentioned were essentially related to non-search ops, or to ops involving identity assertion. Unless the poster of the issue can provide a clear way to reproduce his problem, there seems to be no evidence of a bug neither in proxy cache nor in back-ldap.

p.

Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------