Brooks Campbell wrote:
We upgraded some client servers from RedHat ES3U4 to Redhat ES4U2 and now the ldapsearch string we used in our monitoring software to check if the customers openldap server is working is returning errors.
We were using:
ldapsearch -x -H ladps://host.domain.com:636
Which worked find with the open ldap-client on redhat 3 (I do not no the version number) but in redhat 4 openldap-clients 2.2.13-3 we get the error "Could not create LDAP session handle (3): Time limit exceeded" immediately. Ldap is working our application authenticates users it is just the ldapsearch we are using to monitor the service which seems to not be working.
Does anyone see anything wrong with the line above or is there something else we can use in a automated script to check if the ldap server is running?
I wouldn't consider OpenLDAP 2.2.13 as a reference in terms of plausibility of returned error codes. I'd note that since the late 2.3 the client library was badly broken in many aspects, mostly related to concurrency and error handling. In that specific case, I'd rather inspect the logs (client, and server if anything gets to it at all), to see what's causing an error, without relying too much on what the client displays. Actually, I'd rather upgrade to a stable, reliable and supported version (2.3.41? 2.4.8?).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------