[Dovecot] ldap_search() failed "Server Busy"

[Paul Carter-Brown]

Hi,

We are using dovecot 1.1.11 on Solaris 10u6. Under load, we are
experiencing the following errors:

Jun  4 18:30:59 ug1s02-zone1 dovecot: [ID 107833 mail.error]
auth(default): ldap(0202934816 at ug.smilecoms.com,10.31.3.13):
ldap_search() failed (filter (uid=0202934816 at ug.smilecoms.com)): Server
is busy

We are authenticating against sun directory server yet see no errors in
the directory server and it seems to be under low load. Any ideas if
there is something on dovecot we should tune to erradicate this? We are
running a web front end on top of dovecot and hence have a lot of
login/logout happening as the user navigates around.

I have included our config below:

dovecot.conf:


base_dir = /opt/csw/var/run/dovecot/
protocols = imap pop3
listen = *
disable_plaintext_auth = no
shutdown_clients = yes
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
ssl_listen = 
ssl_disable = yes
login_dir = /opt/csw/var/run/dovecot/login
login_chroot = yes
login_user = dovecot
login_process_size = 128
login_process_per_connection = no
login_processes_count = 3
login_max_processes_count = 128
login_max_connections = 256
login_greeting = Dovecot ready.
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
mail_location = maildir:/sapool1/mail/%3n/%3.3n/%6.3n/%u
mail_full_filesystem_access = yes
mail_debug = no
fsync_disable = yes
first_valid_uid = 101
mail_save_crlf = yes
mbox_dirty_syncs = yes
protocol imap {
  login_executable = /opt/csw/libexec/dovecot/imap-login
  mail_executable = /opt/csw/libexec/dovecot/imap
  login_greeting_capability = no
  imap_client_workarounds = outlook-idle
}
  
protocol pop3 {
  login_executable = /opt/csw/libexec/dovecot/pop3-login
  mail_executable = /opt/csw/libexec/dovecot/pop3
  pop3_no_flag_updates = no
  pop3_enable_last = no
  pop3_reuse_xuidl = no
  pop3_lock_session = no
  pop3_uidl_format = %v-%u
  pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
}

protocol lda {
  postmaster_address = postmaster at example.com
  hostname = sol10-dev.dutoit.net
}

auth_anonymous_username = anonymous
auth_verbose = no
auth_debug = no
auth_debug_passwords = no
auth_worker_max_count = 30
auth default {
  mechanisms = plain
  passdb ldap {
    args = /opt/csw/etc/dovecot-ldap.conf
  }
  userdb static {
    args = uid=exim gid=mail home=/sapool1/mail/%u
  }

  user = root
  count = 1 
  ssl_require_client_cert = no
  ssl_username_from_cert = no

  socket listen {
    master {
      path = /opt/csw/var/run/dovecot/auth-master
      mode = 0600
      user = root
      group = root
    }
  }
}

dict {
}

plugin {
}

dovecot-ldap.conf:

hosts = ldap1.it.ug.smilecoms.com:389
dn = cn=Directory Manager
dnpass = blahblah
sasl_bind = no
tls = no
ldap_version = 3
base = dc=smilecoms,dc=com
deref = never
scope = subtree
user_filter = (uid=%u)
pass_attrs = uid=user,PIN=password
pass_filter = (uid=%u)
default_pass_scheme = PLAIN


Thanks so much!
Paul