Hi,
 
I have configured two LDAP backend databases, each pointing to a difference Active Directory domain (multiple domain controllers specified per domain). After a period of time after slapd starts, the ldap log file shows multiple entries like this for the various connections (conns=nnnn):
 
Dec 10 13:18:03 vmxxxldap01 slapd[7826]: conn=1004 op=27 SEARCH RESULT tag=101 err=1 nentries=0 text=000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
 
Without going into too much detail regarding the configuration, I’m wondering if I need to specify LDAP database configuration settings for:
idle-timeout
network-timeout
 
man slapd-ldap:
 
       idle-timeout <time>
              This directive causes a cached connection to be dropped an recreated after it has been idle for the specified time.
 
       network-timeout <time>
              Sets the network timeout value after which poll(2)/select(2) following a connect(2) returns in case of no activity.  The value is in seconds, and it can be specified as for idle-timeout.
 
 
I don’t understand the explanation for network-timeout though, and am hoping someone can kindly explain it in more detail, and suggest a scenario for its appropriate usage.
 
Also, when is it appropriate to use the ldap.conf NETWORK_TIMEOUT setting?
 
man ldap.conf:
 
       NETWORK_TIMEOUT <integer>
              Specifies the timeout (in seconds) after which the poll(2)/select(2) following a connect(2) returns in case of no activity.
 
 
 
 
Could someone please suggest the best approach for my use case?  Of course, I might also be completely off the mark here …
 
Thanks
Bryce Powell