Hello Clement,
Thank you for your answer. I tried some of these parameters before with no success. I can't remember exactily which values I probed because I tested them a few weeks ago, so I checked them again with this configuration, and I have the same wrong behaviour as without them:
bind-timeout 1000000 (1 second) network-timeout 2 (2 seconds)
... ... ####################################################################### # MDB database definitions ####################################################################### ###Ad Principal database meta suffix "dc=ldapproxy-pre,dc=local" rootdn "cn=manager,dc=ldapproxy-pre,dc=local" rootpw ?????????????? chase-referrals no nretries 0 bind-timeout 1000000 network-timeout 2
################################### # # Entrada LDAP para ONE # ################################### uri "ldap://1.2.3.1/ou=ONE,ou=Usuarios,dc=ldapproxy-pre,dc=local"
... ...
Greetings, David.
Le 10/05/2019 à 12:27, David Sanchez Herrero a écrit :
Hello Clement,
Thank you for your answer. I tried some of these parameters before with no success. I can't remember exactily which values I probed because I tested them a few weeks ago, so I checked them again with this configuration, and I have the same wrong behaviour as without them:
You can maybe try the quarantine :
quarantine <interval>,<num>[;<interval>,<num>[...]] Turns on quarantine of URIs that returned LDAP_UNAVAILABLE, so that an attempt to reconnect only occurs at given intervals instead of any time a client requests an operation. The pattern is: retry only after at least interval seconds elapsed since last attempt, for exactly num times; then use the next pattern. If num for the last pattern is "+", it retries forever; otherwise, no more retries occur. This directive must appear before any target specification; it affects all targets with the same pattern.
Hello again Clement,
I've just checked the quarantine parameter with no luck again. It only let me use the parameter once in slapd.conf file and not for every target/uri. Otherwise slaptest command gives me an error telling me that quarantine parameter is already defined. Using it only once, slaptest command returns successfully, but the service doesn't start. I can see these errors in the log file:
May 13 10:40:29 proxyldap-pre slapd[26166]: olcDbQuarantine: value #0: quarantine already defined. May 13 10:40:29 proxyldap-pre slapd[26166]: config error processing olcMetaSub={0}uri,olcDatabase={1}meta,cn=config: quarantine already defined May 13 10:42:02 proxyldap-pre slapd[26194]: olcDbQuarantine: value #0: quarantine already defined. May 13 10:42:02 proxyldap-pre slapd[26194]: config error processing olcMetaSub={0}uri,olcDatabase={1}meta,cn=config: quarantine already defined
So finally, I have to delete the parameter in the slapd.conf or I can't start the service.
Thanks again for your help. Any new ideas? It's an extrange behaviour and I don't really think OpenLDAP can't detect and manage this situation in any way.
Best regards, David.
openldap-technical@openldap.org
-
Clément OUDOT -
David Sanchez Herrero