[RADIATOR] Intermittent "User Database Access Error"

rohan.henry at cwjamaica.com rohan.henry at cwjamaica.com
Sun Dec 16 18:10:57 UTC 2018 

Hi Christian,

Thanks for the reply.

I am using CGP LDAP. Unfortunately, I still haven't located where to adjust the timeouts you specified.

But my AuthBy LDAP2 clause has following.

        Host            ldap1_IP ldap2_IP ldap3_IP

        Version         3
        HoldServerConnection
        Timeout         10

I also notice that despite specifying multiple LDAP servers on the Host line Radiator does not switch to the alternate servers when the first becomes unavailable (physically offline). I had to implement multiple AuthBy LDAP2 clause and add the clauses to the Handler as a work-around.

Rohan

> On December 16, 2018 at 6:14 AM Christian Kratzer <ck at cksoft.de> wrote:
> 
> 
> Hi,
> 
> On Sat, 15 Dec 2018, rohan.henry at cwjamaica.com wrote:
> > Hi All,
> >
> >
> > Is this a bug in Radiator (4.12.1)? My ldap servers are all available. And there's no related logs in ldap for the failure below.
> >
> > Fri Dec 14 11:01:34 2018 953303: DEBUG: Handling with Radius::AuthLDAP2: CheckADSLBNG
> > Fri Dec 14 11:01:34 2018 963789: DEBUG: Radius::AuthGROUP: CheckADSLBNG result: IGNORE, User database access error
> > Fri Dec 14 11:01:34 2018 964037: DEBUG: Handling with Radius::AuthLDAP2: CheckADSLBNG2
> > Fri Dec 14 11:01:34 2018 964269: DEBUG: Radius::AuthGROUP: CheckADSLBNG2 result: IGNORE, User database access error
> 
> this could be related to timeouts in openldap connections.
> 
> Check following parameter for openldap slapd
> 
>         idletimeout <integer>
>                Specify the number of seconds to wait before forcibly closing an
>                idle client  connection.   A  idletimeout  of  0  disables  this
>                feature.   The  default  is  0.  You  may  also  want to set the
>                writetimeout option.
> 
> If set openldap will close the socket upon timeout and radiator will only notice on the next request.
> 
> Greetings
> Christian
> 
> -- 
> Christian Kratzer                   CK Software GmbH
> Email:   ck at cksoft.de               Wildberger Weg 24/2
> Phone:   +49 7032 893 997 - 0       D-71126 Gaeufelden
> Fax:     +49 7032 893 997 - 9       HRB 245288, Amtsgericht Stuttgart
> Mobile:  +49 171 1947 843           Geschaeftsfuehrer: Christian Kratzer
> Web:     http://www.cksoft.de/

More information about the radiator mailing list