Full_Name: Maciej Uhlig Version: 2.4.39 OS: CentOS release 6.5 (Final) URL: http://usnet.us.edu.pl/files/openldap/err52.txt Submission from: (NULL) (155.158.97.72)
There are two OpenDJ servers and one OpenLDAP server. OpenLDAP server acts as a proxy to OpenDJ servers. OpenLDAP server is used by Dovecot mailbox server (here LDAP client) for user authentication.
/---OpenDJ1 Dovecot---OpenLDAP ---OpenDJ2 OpenLDAP server runs 2.4.39 software. The problem is observed during OpenLDAP and OpenDJ servers interaction. Users can't send their mail. Dovecot server logs "ldap_bind() failed: Server is unavailable". OpenLDAP server logs "err=52". Restart of OpenLDAP server is required to resume normal operation.
Analysis of OpenDJ log shows: - conn=40822 (correct) takes not more than one second - conn=40823 (incorrect) takes more than eleven minutes (it persists until OpenLDAP server is stopped)
Analysis of OpenLDAP log shows: - op=29970 (conn=40822 in OpenDJ server) ends with err=0 - op=29972 (conn=40823 in OpenDJ server) ends with err=0 - op=29976 (not seen in OpenDJ server) ends with err=52 - similarly op=29979 and all subsequent end with err=52
Looks like OpenLDAP server doesn't unbind (eleven minutes above) from OpenDJ server. Instead it tries to make next bind which is unsuccesful (err=52).
-
maciej.uhlig@us.edu.pl