Re: AW: Syslog states ldap_result() failed: Can't contact LDAP server

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: "Teichert, Robert" <Robert.Teichert [at] universa.de>
Cc: nss-pam-ldapd-users <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: AW: Syslog states ldap_result() failed: Can't contact LDAP server
Date: Wed, 30 Mar 2011 21:57:29 +0200

On Wed, 2011-03-30 at 06:47 +0000, Teichert, Robert wrote:
> > There is no easy way to filter these kind of messages from within
> > nslcd.
> 
> Hm is there a possibility not to use the syslog facility but a simple
> logfile?

Not really. There was some code left behind that made it possible (but
wasn't used of linked anywhere) but it got removed in the 0.8 branch a
couple of days ago.

> As you can see in lessdebug.log, that seems to fix the "Can't contact
> LDAP Server" Problem. Would be nice to know, whats wrong with keeping
> the connection alive.

Then it would really seem that the LDAP server was closing the
connection for some reason.

The relevant log snippet where the connection problem is found:

nslcd: [8e1f29] DEBUG: myldap_search(base="o=mydomain,c=de", 
filter="(&(objectClass=uv-posixAccount)(uv-userName=teichert))")
ldap_search_ext
put_filter: "(&(objectClass=uv-posixAccount)(uv-userName=teichert))"
put_filter: AND
put_filter_list "(objectClass=uv-posixAccount)(uv-userName=teichert)"
put_filter: "(objectClass=uv-posixAccount)"
put_filter: simple
put_simple_filter: "objectClass=uv-posixAccount"
put_filter: "(uv-userName=teichert)"
put_filter: simple
put_simple_filter: "uv-userName=teichert"
ldap_build_search_req ATTRS: uv-userName
ldap_send_initial_request
ldap_send_server_request
ldap_result ld 0x19a0450 msgid 3
wait4msg ld 0x19a0450 msgid 3 (timeout 30000000 usec)
wait4msg continue ld 0x19a0450 msgid 3 all 0
** ld 0x19a0450 Connections:
* host: ldap  port: 636  (default)
  refcnt: 2  status: Connected
  last used: Wed Mar 30 07:31:19 2011
** ld 0x19a0450 Outstanding Requests:
 * msgid 3,  origid 3, status InProgress
   outstanding referrals 0, parent count 0
  ld 0x19a0450 request count 1 (abandoned 0)
** ld 0x19a0450 Response Queue:
   Empty
  ld 0x19a0450 response count 0
ldap_chkResponseList ld 0x19a0450 msgid 3 all 0
ldap_chkResponseList returns ld 0x19a0450 NULL
ldap_int_select
read1msg: ld 0x19a0450 msgid 3 all 0
ber_get_next failed.
ldap_err2string
nslcd: [8e1f29] ldap_result() failed: Can't contact LDAP server

From my limited understanding the OpenLDAP internals it would seem that
the LDAP library thinks the connection is open when it is looking for
answers. I think "ldap_chkResponseList returns ld 0x19a0450 NULL" means
that a response was not found.

I still think that either the LDAP server is timing the connection out
(idle-timeout option) or some networking component is closing the
connection for some reason. A way to test this theory would be to start
an ldapsearch that should return a lot of entries and add the -E pr=5
option to return paged results. Can you reproduce the connection error
problem with ldapsearch I think we can eliminate nslcd as the source of
this issue.

-- 
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users

Re: Syslog states ldap_result() failed: Can't contact LDAP server, (continued)

Prev by Date: AW: Syslog states ldap_result() failed: Can't contact LDAP server
Next by Date: Re: Syslog states ldap_result() failed: Can't contact LDAP server
Previous by thread: AW: Syslog states ldap_result() failed: Can't contact LDAP server
Next by thread: Re: Syslog states ldap_result() failed: Can't contact LDAP server