On 11/29/12 12:16 +0530, santosh malavade wrote:
We are using openldap version 2.0.27 on RHEL AS 3 with Postfix 2.2.10 In postfix logs, I have seen the following warning message: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as <dn>: 85 (Timed out) The default timeout is set as 10 seconds.
How do I monitor my ldap server. I would like to know the active connection counts on my ldap server.
You can use ldapsearch to verify your server is responding, and postmap to verify that postfix can query it.
Consider installing a newer version of slapd on another server, and pointing your postfix config at it.
On 11/29/12 17:08 +0530, santosh malavade wrote:
I believe the timeout is happening due to large no. of connections / large no. of operations against the ldap server.
As was already mentioned, use netstat to find out if that's the case. If you're getting ldap connections from external sources, and you don't need to allow external connections, you can run slapd on a unix domain socket 'ldapi:///', or use iptables to firewall off port 389 (and 636 if using ldaps).