[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch returns Could not create LDAP session handle (3): Time limit exceeded



Brooks Campbell wrote:
> We upgraded some client servers from RedHat ES3U4 to Redhat ES4U2 and now
> the ldapsearch string we used in our monitoring software to check if the
> customers openldap server is working is returning errors.
> 
> We were using: 
> 
> ldapsearch -x -H ladps://host.domain.com:636
> 
> Which worked find with the open ldap-client on redhat 3 (I do not no the
> version number) but in redhat 4 openldap-clients 2.2.13-3 we get the error
> "Could not create LDAP session handle (3): Time limit exceeded" immediately.
> Ldap is working our application authenticates users it is just the
> ldapsearch we are using to monitor the service which seems to not be
> working.
> 
> Does anyone see anything wrong with the line above or is there something
> else we can use in a automated script to check if the ldap server is
> running?

I wouldn't consider OpenLDAP 2.2.13 as a reference in terms of
plausibility of returned error codes.  I'd note that since the late 2.3
the client library was badly broken in many aspects, mostly related to
concurrency and error handling.  In that specific case, I'd rather
inspect the logs (client, and server if anything gets to it at all), to
see what's causing an error, without relying too much on what the client
displays.  Actually, I'd rather upgrade to a stable, reliable and
supported version (2.3.41?  2.4.8?).

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------