Long ldap session when ldap server failover - openldap-technical

24 Feb 2017


      Hi,
I have an issue with long ldap session when ldap server failover.
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=-1 msgId=-1 - fd=89 slot=89 LDAPS connection from 10.14.97.45:55287 to 113.216.102.167
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=-1 msgId=-1 - SSL 128-bit AES-128; client CN=HRM3; issuer O=E,OU=eOAM,CN=jerarm003NECertCA
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=-1 msgId=-1 - SSL failed to map client certificate to LDAP DN (No such object)
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=0 msgId=1 - BIND dn="cn=ProxyUser,ou=proxyagent,ou=com,dc=jerarm,dc=roma,dc=te,dc=com" method=128 version=3
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=proxyuser,ou=proxyagent,ou=com,dc=jerarm,dc=roma,dc=te,dc=com"
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=1 msgId=2 - SRCH base="dc=jerarm,dc=roma,dc=te,dc=com" scope=2 filter="(&(&(objectClass=posixAccount)(|(eUserAuthenticationScope=HLRALL)(eUserAuthenticationScope=HRM3)(eUserAuthenticationScope=\2a)))(&(objectClass=posixAccount)(|(eUserAuthenticationScope=HLRALL)(eUserAuthenticationScope=HRM3)(eUserAuthenticationScope=\2a)))(uid=us000001))" attrs=ALL
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=2 msgId=3 - BIND dn="uid=us000001,ou=people,dc=jerarm,dc=roma,dc=te,dc=com" method=128 version=3
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=2 msgId=3 - RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=us000001,ou=people,dc=jerarm,dc=roma,dc=te,dc=com"
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=3 msgId=4 - BIND dn="cn=ProxyUser,ou=proxyagent,ou=com,dc=jerarm,dc=roma,dc=te,dc=com" method=128 version=3
[01/Dec/2016:11:34:29 +0100] conn=7187095 op=3 msgId=4 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=proxyuser,ou=proxyagent,ou=com,dc=jerarm,dc=roma,dc=te,dc=com"
[01/Dec/2016:11:40:01 +0100] conn=7187095 op=4 msgId=5 - UNBIND
[01/Dec/2016:11:40:01 +0100] conn=7187095 op=4 msgId=-1 - closing from 10.14.97.45:55287 - U1 - Connection closed by unbind client -
[01/Dec/2016:11:40:01 +0100] conn=7187095 op=-1 msgId=-1 - closed.
The openldap client didn't send UNBIND soon but sent after several minutes. Could you suggest me any way forward to find the root cause?openldap2-client-2.4.26-0.62.2
Regards,Tai