"Angel L. Mateo" amateo@um.es writes:
El jue, 05-07-2007 a las 14:24 +0200, Hallvard B Furuseth escribió:
Angel L. Mateo writes:
Jul 5 09:44:33 canis4 slapd[28723]: conn=5087 fd=249 closed (connection lost)
OpenLDAP 2.2 just logged "closed", OpenLDAP 2.3 log lines also say why it was closed.
If the client sends an Unbind request, slapd logs that. Otherwise, if the client just exist without doing ldap_unbind() first, all slapd knows is that the connection disappeared for some reason. It doesn't know why, all it can say is "connection lost". It's valid for a client to do so, but a bit naughty because the server admin can't see if there is a problem or not.
So - do you see lost connections in the mail server as well? If so it's a network problem. Otherwise not. If it's a client which opens one LDAP connection, does something, and exits, it works fine (though please ask them to change it anyway). However if the client reopens a new LDAP connection when it gets an LDAP error, without closing the old LDAP connection with ldap_unbind(), you've got a file descriptor leak and a memory leak in the client.
I find it difficult to think is a client problem, because we are having the problem with at least three different client software (postfix 2.3.8, courier-imap 3.0.8 and freeradius 1.1.3). The errors are provocating that users are being not found in the clients, and I know that with our previous ldap versions there isn't any problem because we don't have "user not found" errors in the clients.
As you can see from the logs, there is no bind operation, which has to be. Are the clients configured to use ldapv2?
-Dieter