Subject: RE: [courier-users] authldap failing randomly
From: Bowie Bailey (Bowi@BUC.com)
Date: Jan 27, 2006 6:17:37 am
List: net.sourceforge.lists.courier-users

Sam Varshavchik wrote:

Bowie Bailey writes:

Sam Varshavchik wrote:

I'm wondering if the LDAP server forcibly closes idle connections. After the first authentication request, each process keeps the connection to the LDAP server open. The LDAP server may be closing the idle connection after some period of time, which results in an error when the same process eventually gets an authentication request.

Check the server's configuration for a similar setting, and adjust it.

Yes, the idle timeout is currently set at 30 seconds. I will increase it to a couple of minutes and see what happens.

How do the authdaemon processes respond to lost ldap connections (besides the obvious errors)? Does it simply reconnect for the next attempt?

Will a timeout of a few minutes work, or do I need to increase it further to avoid problems with the authdaemon?

Increase it to at least a couple of hours. With the LDAP server on the same machine, the reasons why you want an inactivity timeout are no longer relevant.

But Courier is not the only application using the LDAP. There are other programs which read and write to the LDAP from across the network. Courier is the main LDAP user, but I need to consider remote access as well.

I increased the timeout to 2 minutes and that seems to have greatly reduced the problem. I can still get an error occasionally, but most of them are gone. Based on your comments, I may increase the timeout to 10 minutes or so and see how it does. I am also going to ask on the LDAP list and see what their comments are as to the proper timeout setting.

Can you give me a bit of insight into how the authdaemon processes are handling the LDAP connections? Do they ever close them or do they assume the connection will remain open indefinitely? What I would assume is this:

- Each process opens a connection and holds it open.
- When an authentication request comes in, it tries to use the connection.
- If it fails, the process generates a 450 error and then opens a new connection for the next request.

This would mean that whenever an authdaemon process is idle for more than the LDAP timeout period, I should expect to get an error on the next incoming email that attempts to use that process. Is that accurate?
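The following is an added example, not part of the original message and not Courier's code: a small model of the connection handling assumed in the post above, showing how a server-side idle timeout turns quiet periods into temporary failures and how a reconnect-and-retry in the client would absorb them. The `Worker` class, the round-robin dispatch, the lazy reconnect after a failure and the arrival times are all assumptions made for illustration.

```python
from collections import Counter


class Worker:
    """One auth worker holding a single long-lived LDAP connection (modelled)."""

    def __init__(self, retry_on_stale=False):
        self.retry_on_stale = retry_on_stale
        self.last_used = None  # None: no connection currently open

    def authenticate(self, now, idle_timeout):
        """Outcome of a request arriving at `now` (seconds)."""
        if self.last_used is None:
            self.last_used = now      # connect on demand
            return "ok"
        server_closed = (now - self.last_used) > idle_timeout
        if not server_closed:
            self.last_used = now
            return "ok"
        if self.retry_on_stale:
            self.last_used = now      # reconnect and repeat the same request
            return "ok-after-reconnect"
        self.last_used = None         # assumed: drop dead handle, reconnect next time
        return "tempfail"             # surfaces to the sender as a temporary error


def simulate(arrivals, idle_timeout, workers=2, retry_on_stale=False):
    """Dispatch requests round-robin (an assumption) and tally the outcomes."""
    pool = [Worker(retry_on_stale) for _ in range(workers)]
    return Counter(
        pool[i % workers].authenticate(t, idle_timeout)
        for i, t in enumerate(arrivals)
    )


# Constructed arrival times in seconds: short bursts separated by quiet gaps.
ARRIVALS = [0, 5, 10, 50, 55, 200, 210, 900, 905]

if __name__ == "__main__":
    for timeout in (30, 120, 7200):
        print(f"idle timeout {timeout:>4}s:", dict(simulate(ARRIVALS, timeout)))
    print("30s with retry:   ", dict(simulate(ARRIVALS, 30, retry_on_stale=True)))
```

In this model, raising the timeout only shrinks the window in which a worker can be caught idle, while the retry path removes the failures at any timeout setting.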