On Thursday 28 February 2008 10:29:26 Pierangelo Masarati wrote:
Buchan Milne wrote:
> On Wednesday 27 February 2008 23:12:42 Brooks Campbell wrote:
>> We upgraded some client servers from RedHat ES3U4 to Redhat ES4U2 and
>> now the ldapsearch string we used in our monitoring software to check if
>> the customers openldap server is working is returning errors.
>> We were using:
>> ldapsearch -x -H ladps://host.domain.com:636
> The URI is obviously incorrect here, would you mind posting the *exact*
> URI you are using?
Probably it's *exact* enough: this is what happens with a "modern"
ldapsearch -x -H ladps://host.domain.com:636
Could not parse LDAP URI(s)=ladps://host.domain.com:636 (3)
Note that (3) is LDAP_URL_ERR_BADSCHEME, as detected by modern libldap,
but (3) also corresponds to timelimitExceeded; probably, OpenLDAP 2.2.13
was mixing error codes.
# time ldapsearch -V -x -H ladps://$server:636
ldapsearch: @(#) $OpenLDAP: ldapsearch 2.2.13 (Apr 24 2006 23:01:59) $
(LDAP library: OpenLDAP 20213)
Could not create LDAP session handle (3): Time limit exceeded
However, for something as trivial as this, I don't think an upgrade is
warranted, fixing the typo would be better, or maybe using a real monitoring