[RADIATOR] AuthBy LDAP2, HoldServerConnection and missing Retry parameter
Karl Gaissmaier
karl.gaissmaier at uni-ulm.de
Mon Apr 11 04:26:36 CDT 2011
Hello,
thanks for your reply!
Am 06.04.2011 23:44, schrieb Heikki Vatiainen:
> On 04/06/2011 03:39 PM, Christian Kratzer wrote:
>
>>> Wed Apr 6 00:32:34 2011: ERR: ldap search for (|(mail=foo)(uid=bar)) failed with error LDAP_SERVER_DOWN.
>>> Wed Apr 6 00:32:34 2011: ERR: Disconnecting from LDAP server (server foo.uni-ulm.de:636).
>>> Wed Apr 6 00:32:34 2011: DEBUG: AuthBy LDAP2 result: IGNORE, User database access error
>>
>> this is strange as Radiator-4.x has explicit support for reconnecting
>> to ldap servers after an idle timeout.
>
> Indeed. The function that has "ldap search for ..." error message does
> LDAP reconnect as the first thing. Reconnect should notice the closed
> connection and then connect again.
but not with HoldSeverConnection, or? I don't see a reconnect,
not under Trace 4 and even not on the wire with wireshark.
>
> It might be a good idea to upgrade since the newer versions might do
> better job with sending notices about the disonnect.
The LDAP Server isn't under my management domain. But I'll suggest
an upgrade.
>
> If upgrade is not possible, then commenting out HoldServerConnection
> will probably help too.
done, yep this helps but it's not the best solution under heavy load.
..
>>
>> Perhaps as you only have one ldap server to forward to you should set
>> FailureBackoffTime to 0 to allow radiator to immediatly to reconnect.
This didn't help.
Best Regards
Charly
--
Karl Gaissmaier
Kommunikations und Informationszentrum kiz
der Universität Ulm
Abteilung Infrastruktur
SG Netzwerk und Telekommunikation
89069 Ulm
Tel.: 49(0)731/50-22499 Fax : 49(0)731/50-1222499
More information about the radiator
mailing list