Bradley T Gill bgill@aep.com schrieb am 27.07.2022 um 15:59 in Nachricht
84030354e2e44d13b5463c6c070e36cc@aep.com:
All, I have been struggling with upgrading OpenLDAP from 2.4 to 2.5/2.6
for some time. We have finally found that we needed to rebuild the schema from scratch and re‑add our customizations. The database is now running
much
better with one lingering problem. Our Established connections just continues to grow until we run out of resources. Below is our cn=config (minus some unrelated info). This is on the same server as where the previous version was running, so changes are openldap and openssl versions.
Any insights as to what might be causing the ESTABLISHED connections to continually grow would be very appreciated.
# AUTO‑GENERATED FILE ‑ DO NOT EDIT!! Use ldapmodify. # CRC32 422b88f4 dn: cn=config objectClass: olcGlobal cn: config olcAttributeOptions: lang‑ olcConcurrency: 0 olcConnMaxPending: 100 olcConnMaxPendingAuth: 1000 olcGentleHUP: FALSE olcIdleTimeout: 0
What about "olcIdleTimeout: 86400" (or even more aggressive)? In the past we had cases where applications opened new LDAP connections, never reused or closed old ones.
olcIndexSubstrIfMaxLen: 4 olcIndexSubstrIfMinLen: 2 olcIndexSubstrAnyLen: 4 olcIndexSubstrAnyStep: 2 olcIndexHash64: FALSE olcIndexIntLen: 4 olcListenerThreads: 1 olcLocalSSF: 71 olcLogLevel: 256 olcLogFileOnly: FALSE olcMaxFilterDepth: 1000 olcReadOnly: FALSE olcSaslAuxpropsDontUseCopyIgnore: FALSE olcSaslSecProps: noplain,noanonymous olcSockbufMaxIncoming: 262143 olcSockbufMaxIncomingAuth: 16777215 olcThreads: 16 olcThreadQueues: 1 olcTLSCRLCheck: none olcTLSVerifyClient: never olcTLSProtocolMin: 0.0 olcToolThreads: 1 structuralObjectClass: olcGlobal creatorsName: cn=config createTimestamp: 20220726200129Z olcAuthzPolicy: any olcWriteTimeout: 30 olcSizeLimit: size.soft=unlimited size.hard=unlimited size.unchecked=unlimited size.pr=1000 size.prtotal=unlimited