Hi,

I have configured two LDAP backend databases, each pointing to a different 
Active Directory domain (multiple domain controllers specified per domain). 
After a period of time after slapd starts, the ldap log file shows multiple 
entries like this for the various connections (conns=nnnn):

Dec 10 13:18:03 vmxxxldap01 slapd[7826]: conn=1004 op=27 SEARCH RESULT tag=101 
err=1 nentries=0 text=000004DC: LdapErr: DSID-0C0906E8, comment: In order to 
perform this operation a successful bind must be completed on the connection., 
data 0, v1db1

Without going into too much detail regarding the configuration, I'm wondering 
if I need to specify LDAP database configuration settings for:
idle-timeout
network-timeout

man slapd-ldap:

       idle-timeout <time>
              This directive causes a cached connection to be dropped an
              recreated after it has been idle for the specified time.

       network-timeout <time>
              Sets the network timeout value after which poll(2)/select(2)
              following a connect(2) returns in case of no activity.  The
              value is in seconds, and it can be specified as for
              idle-timeout.


I don't understand the explanation for network-timeout though, and am hoping 
someone can kindly explain it in more detail, and suggest a scenario for its 
appropriate usage.

Also, when is it appropriate to use the ldap.conf NETWORK_TIMEOUT setting?

man ldap.conf:

       NETWORK_TIMEOUT <integer>
              Specifies the timeout (in seconds) after which the
              poll(2)/select(2) following a connect(2) returns in case of
              no activity.




Could someone please suggest the best approach for my use case?  Of course, I 
might also be completely off the mark here ...

Thanks
Bryce Powell
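
Added example, not part of the original message: a way to check whether the "successful bind must be completed" errors follow a quiet period on the cached connection, which is the situation idle-timeout is described as covering. The function name, the assumed year and every sample line except the conn=1004 op=27 entry quoted above are constructed for illustration.

```python
import re
from datetime import datetime

# Text AD returns in the log entry quoted in the message.
UNBOUND = "a successful bind must be completed"

# One syslog line per slapd operation (the mail client wrapped the quoted one).
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ slapd\[\d+\]: "
    r"conn=(?P<conn>\d+) op=\d+ (?P<rest>.*)$"
)

def parse_ts(ts, year=2000):
    # Syslog omits the year; a fixed one is assumed so gaps can be computed.
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")

def idle_before_failure(lines):
    """Map conn -> (seconds since previous activity at first error, error count)."""
    last_seen, result = {}, {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a per-connection slapd line
        conn, when = int(m["conn"]), parse_ts(m["ts"])
        if UNBOUND in m["rest"]:
            if conn in result:
                gap, count = result[conn]
                result[conn] = (gap, count + 1)
            else:
                prev = last_seen.get(conn)
                gap = (when - prev).total_seconds() if prev else None
                result[conn] = (gap, 1)
        last_seen[conn] = when
    return result

ERR = ("SEARCH RESULT tag=101 err=1 nentries=0 text=000004DC: LdapErr: "
       "DSID-0C0906E8, comment: In order to perform this operation a successful "
       "bind must be completed on the connection., data 0, v1db1")
SAMPLE = [  # constructed, except the conn=1004 op=27 entry from the message
    "Dec 10 12:58:01 vmxxxldap01 slapd[7826]: conn=1004 op=26 SEARCH RESULT tag=101 err=0 nentries=1 text=",
    "Dec 10 13:00:00 vmxxxldap01 slapd[7826]: conn=1005 op=3 SEARCH RESULT tag=101 err=0 nentries=2 text=",
    "Dec 10 13:17:30 vmxxxldap01 slapd[7826]: conn=1005 op=4 " + ERR,
    "Dec 10 13:18:03 vmxxxldap01 slapd[7826]: conn=1004 op=27 " + ERR,
    "Dec 10 13:18:04 vmxxxldap01 slapd[7826]: conn=1004 op=28 " + ERR,
    "Dec 10 13:18:05 vmxxxldap01 slapd[7826]: conn=1006 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=",
]

if __name__ == "__main__":
    for conn, (gap, count) in sorted(idle_before_failure(SAMPLE).items()):
        print(f"conn={conn} idle_before_first_error={gap}s errors={count}")
```

If the gaps cluster around one value across connections, an idle-timeout below that value is the setting to try first.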