On Fri, 2007-03-09 at 11:57 +0000, Mike Brudenell wrote:
> passdb:
>   driver: ldap
>   args: /usr/local/etc/dovecot-ldap-passdb.conf
> userdb:
>   driver: ldap
>   args: /usr/local/etc/dovecot-ldap-userdb.conf

Is there a reason why these config files are separate? That causes it to create two LDAP connections. If you used the same config file it would create only one LDAP connection.

> The oddity is that even on a quiescent system (Dovecot started from
> scratch, but no connections being made to it) we are seeing these
> messages being logged, apparently every 5 minutes:
>
> dovecot: Mar 09 11:09:44 Error: auth(default): LDAP: ldap_result() failed: Can't contact LDAP server
> ..
> I'm wondering if Dovecot is trying to hold the connection open but,
> after a timeout of 5 minutes of inactivity, the LDAP server is
> closing it and causing Dovecot to log this message.

I guess it's that. But I think it's invisible to users? Dovecot should reconnect to the server and retry the request instead of giving some "internal authentication failure".

> Obviously I'd prefer not to have such worrying-sounding log entries
> appearing. (And if my guess is right then they're slightly
> misleading: the LDAP server *can* be contacted!)

That's the error that the LDAP library gives. I'm not sure if it would be a good idea to just hide the error. Of course one possibility would be that Dovecot itself disconnects the LDAP connection after a configured amount of idle time.
Maybe you could also configure the LDAP server to not disconnect Dovecot's connection?
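
Added example, not part of the original thread: one way to check the idle-timeout guess discussed above is to measure the spacing between the `ldap_result() failed` entries in the Dovecot log. The sample lines (apart from the one quoted in the message), the function names, the assumed year and the 5-second tolerance are all constructed for illustration.

```python
import re
from datetime import datetime
from statistics import median

# Matches the log format quoted in the thread; the log has no year field.
LINE_RE = re.compile(
    r"dovecot: (?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) Error: auth\(\w+\): "
    r"LDAP: ldap_result\(\) failed: (?P<reason>.+)$"
)

def ldap_error_times(lines, year=2007):
    """Return sorted timestamps of ldap_result() failures (year is assumed)."""
    times = []
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            stamp = f"{year} {m.group('ts')}"
            times.append(datetime.strptime(stamp, "%Y %b %d %H:%M:%S"))
    return sorted(times)

def idle_timeout_guess(times, tolerance=5.0):
    """Return the period in seconds if every gap between errors is within
    `tolerance` seconds of the median gap; otherwise None (not periodic)."""
    if len(times) < 3:
        return None  # too few events to call it a pattern
    gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
    period = median(gaps)
    if all(abs(g - period) <= tolerance for g in gaps):
        return period
    return None

# Constructed sample: the first error line is the one from the thread,
# the rest are made up to show a roughly 5-minute cadence.
SAMPLE_LOG = """\
dovecot: Mar 09 11:09:44 Error: auth(default): LDAP: ldap_result() failed: Can't contact LDAP server
dovecot: Mar 09 11:12:01 Info: imap-login: Login: user=<example>
dovecot: Mar 09 11:14:44 Error: auth(default): LDAP: ldap_result() failed: Can't contact LDAP server
dovecot: Mar 09 11:19:45 Error: auth(default): LDAP: ldap_result() failed: Can't contact LDAP server
dovecot: Mar 09 11:24:44 Error: auth(default): LDAP: ldap_result() failed: Can't contact LDAP server
"""

if __name__ == "__main__":
    period = idle_timeout_guess(ldap_error_times(SAMPLE_LOG.splitlines()))
    print("periodic, seconds:", period)
```

A steady period that matches the LDAP server's configured idle timeout supports the server-side disconnect explanation; irregular gaps point to a different cause, such as real network or server outages.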