On Thursday 28 February 2008 10:29:26 Pierangelo Masarati wrote:
Buchan Milne wrote:
On Wednesday 27 February 2008 23:12:42 Brooks Campbell wrote:
We upgraded some client servers from RedHat ES3U4 to Redhat ES4U2 and now the ldapsearch string we used in our monitoring software to check if the customers openldap server is working is returning errors.
We were using:
ldapsearch -x -H ladps://host.domain.com:636
The URI is obviously incorrect here, would you mind posting the *exact* URI you are using?
Probably it's *exact* enough: this is what happens with a "modern" ldapsearch:
ldapsearch -x -H ladps://host.domain.com:636 Could not parse LDAP URI(s)=ladps://host.domain.com:636 (3)
Note that (3) is LDAP_URL_ERR_BADSCHEME, as detected by modern libldap, but (3) also corresponds to timelimitExceeded; probably, OpenLDAP 2.2.13 was mixing error codes.
Indeed:
# time ldapsearch -V -x -H ladps://$server:636 ldapsearch: @(#) $OpenLDAP: ldapsearch 2.2.13 (Apr 24 2006 23:01:59) $
root@hs20-bc1-2.build.redhat.com:/usr/src/build/738767-x86_64/BUILD/openldap-2.2.13/openldap-2.2.13/build-clients/clients/tools (LDAP library: OpenLDAP 20213) Could not create LDAP session handle (3): Time limit exceeded
real 0m0.002s user 0m0.001s sys 0m0.001s
However, for something as trivial as this, I don't think an upgrade is warranted, fixing the typo would be better, or maybe using a real monitoring system ....
Regards, Buchan