Timeout for LDAP connection

mj lists at merit.unu.edu
Wed Mar 2 08:35:33 UTC 2016


We have experienced the same or similar problem, and not just with 
dovecot but also with postfix. Thanks for your HAProxy suggestion!

We have the feeling that when the ldap connection is actually DOWN 
(gone, terminated), OpenLDAP will reconnect to another server.
But if the ldap server becomes 'stuck' (as in: returning no data 
anymore, but not actually terminating the connection) a failover does 
not happen.

(we have had the second scenario, with samba4 AD ldap)


On 03/01/2016 10:51 PM, Timo Sirainen wrote:
> But now that I'm testing it, the timeout doesn't seem to be
> triggering. I don't know what happened to it that it suddenly doesn't
> work.. This also means that OpenLDAP seems to be internally stuck
> trying to connect to a server that isn't responding. Dovecot doesn't
> currently make the decisions on which LDAP server to connect to. It
> just passes through all the hosts to OpenLDAP library and lets it
> handle it. And it seems like OpenLDAP library can't right now do this
> failover. So maybe Dovecot should be responsible for that as well..
> Anyway, for now you could set up haproxy to localhost and configure
> Dovecot LDAP to connect to haproxy and haproxy connect to the actual
> LDAP servers.
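
The two failure modes discussed in this thread (a connection that is down versus a server that accepts connections but stops answering), as an added example that is not part of either message and is not Dovecot, OpenLDAP or HAProxy code: a probe that sends an anonymous LDAPv3 bind and enforces a read deadline, so a stuck server is reported separately from a dead one. The names `probe_ldap`, `fake_server` and `demo`, the 1-second timeout and the local test peers are all constructed for illustration.

```python
import socket
import threading

# LDAPv3 anonymous simple BindRequest, messageID 1 (BER-encoded).
BIND_REQUEST = bytes.fromhex("300c020101600702010304008000")
# Matching BindResponse, resultCode success; used only by the constructed fake server.
BIND_SUCCESS = bytes.fromhex("300c02010161070a010004000400")

def probe_ldap(host, port, timeout=1.0):
    """Classify an LDAP endpoint as 'ok', 'down' or 'stuck'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(BIND_REQUEST)
            reply = sock.recv(64)  # the connect timeout also applies to this read
    except socket.timeout:
        return "stuck"  # no answer before the deadline
    except OSError:
        return "down"   # refused, reset or unreachable
    # Only checks that an LDAPMessage (BER SEQUENCE, 0x30) came back; EOF counts as down.
    return "ok" if reply[:1] == b"\x30" else "down"

def fake_server(reply):
    """Constructed test peer: answers each request with `reply`, or never if None."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen()
    held = []  # keep silent connections open so the client never sees EOF
    def serve():
        while True:
            conn, _ = listener.accept()
            conn.recv(64)
            if reply is None:
                held.append(conn)
            else:
                conn.sendall(reply)
                conn.close()
    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()[1]

def demo():
    refused = socket.socket()
    refused.bind(("127.0.0.1", 0))  # bound but not listening: connects are refused
    ports = {"healthy": fake_server(BIND_SUCCESS), "stuck": fake_server(None),
             "dead": refused.getsockname()[1]}
    result = {name: probe_ldap("127.0.0.1", port) for name, port in ports.items()}
    refused.close()
    return result

if __name__ == "__main__":
    print(demo())
```

A check that only opens the TCP connection would succeed against the "stuck" peer here, because that peer still accepts connections; only the read deadline on an application-level request exposes it.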
