[Dovecot] "ldap_result() failed: Can't contact LDAP server" log messages
Timo Sirainen
tss at iki.fi
Fri Mar 9 14:15:50 EET 2007
On Fri, 2007-03-09 at 11:57 +0000, Mike Brudenell wrote:
> passdb:
> driver: ldap
> args: /usr/local/etc/dovecot-ldap-passdb.conf
> userdb:
> driver: ldap
> args: /usr/local/etc/dovecot-ldap-userdb.conf
Is there a reason why these config files are separate? That causes it to
create two LDAP connections. If you used the same config file it would
create only one LDAP connection.
> The oddity is that even on a quiescent system (Dovecot started from
> scratch, but no connections being made to it) we are seeing these
> messages being logged, apparently every 5 minutes:
>
> dovecot: Mar 09 11:09:44 Error: auth(default): LDAP: ldap_result()
> failed: Can't contact LDAP server
..
> I'm wondering if Dovecot is trying to hold the connection open but,
> after a timeout of 5 minutes of inactivity, the LDAP server is
> closing it and causing Dovecot to log this message.
I guess it's that. But I think it's invisible to users? Dovecot should
reconnect to the server and retry the request instead of giving some
"internal authentication failure".
> Obviously I'd prefer not to have such worrying-sounding log entries
> appearing. (And if my guess is right then they're slightly
> misleading: the LDAP server *can* be contacted!)
That's the error that LDAP library gives. I'm not sure if it would be a
good idea to just hide the error. Of course one possibility would be
that Dovecot itself disconnects the LDAP connection after a configured
amount of idle time.
Maybe you could also configure the LDAP server to not disconnect
Dovecot's connection?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070309/fdb7b610/attachment-0001.pgp
More information about the dovecot
mailing list