(ITS#7818) err=52 - unsuccessful bind due to lack of unbind - openldap-bugs

Tuesday, 11 March 2014

Full_Name: Maciej Uhlig
Version: 2.4.39
OS: CentOS release 6.5 (Final)
URL: http://usnet.us.edu.pl/files/openldap/err52.txt
Submission from: (NULL) (155.158.97.72)

There are two OpenDJ servers and one OpenLDAP server. OpenLDAP server acts as a
proxy to OpenDJ servers. OpenLDAP server is used by Dovecot mailbox server (here
LDAP client) for user authentication.

                  /---OpenDJ1
Dovecot---OpenLDAP
                  \---OpenDJ2

OpenLDAP server runs 2.4.39 software. The problem is observed during OpenLDAP
and OpenDJ servers interaction. Users can't send their mail. Dovecot server logs
"ldap_bind() failed: Server is unavailable". OpenLDAP server logs
"err=52".
Restart of OpenLDAP server is required to resume normal operation. 

Analysis of OpenDJ log shows:
- conn=40822 (correct) takes not more than one second
- conn=40823 (incorrect) takes more than eleven minutes (it persists until
OpenLDAP server is stopped)

Analysis of OpenLDAP log shows:
- op=29970 (conn=40822 in OpenDJ server) ends with err=0
- op=29972 (conn=40823 in OpenDJ server) ends with err=0
- op=29976 (not seen in OpenDJ server) ends with err=52
- similarly op=29979 and all subsequent end with err=52

Looks like OpenLDAP server doesn't unbind (eleven minutes above) from OpenDJ
server. Instead it tries to make next bind which is unsuccesful (err=52).

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

(ITS#7818) err=52 - unsuccessful bind due to lack of unbind