Wonderful help. It showed that I wasn't indexing the attribute I was querying. That is done and now the debug level responds with QUERY ANSWERABLE. Looks like the proxy is actually working.
Well, almost. If the master server is there, it returns with the answer and all looks good. If the master server isn't there for the proxy, the proxy still responds in debug with QUERY ANSWERABLE, but blocks after that. This causes ldapsearch to stay blocked as well.
Why would a proxy still check with the master If the proxy is working? I want to use this to relieve processing from the master.
It also gets back to the other part of my problem. Since it seems to block indefinitely, how can I set a decent timeout for slapd?
Again, thanks for the help so far.
Nathan
------------------------------ Date: Mon, 14 Jan 2008 10:09:53 +0100 From: "Dieter Kluenter" dieter@dkluenter.de Subject: Re: query timeout and proxytemplate To: openldap-software@openldap.org Message-ID: 87hchglqn2.fsf@magenta.l4b.de Content-Type: text/plain; charset=utf-8
"Nathan Morrow" nmorrow@spotswood.org writes:
Two questions for the group
I am running slapd as a ldap proxy which is working fine. I have tried idetimeout and idle-timeout to shorten the query if the tcp connection isn?t there for the proxy, but the connection still seems to hang indefinitely. Again, it works fine when the master ldap server is there.
overlay pcache
proxyCache bdb 100000 1 1000 100
proxyAttrset 0 proxyAddresses
proxyTemplate (&(objectClass=)(proxyAddresses=)) 0 3600
The query (that works when the master server is available) below, doesn?t work when the same request is made after that and the server isn?t there. But that shouldn?t matter if the cache were used. Alas, no luck.
ldapsearch -x -D 'CN=MTA,OU=Restricted,DC=fake,DC=com? -b 'OU=Staff,DC=fake,DC=com' -l 5 -Z "(& (objectClass=person)(proxyAddresses=SMTP:user@fake.com))" proxyAddresses
In order to test the proxy caching function run your proxy slapd with -d pcache.
-Dieter