LDAP socket support

We are using the OpenLDAP client library to connect to the LDAP server. The problem is that if there is no activity for some time, the server (or firewall in the middle) disconnects the TCP connection.

Our current "keep-alive" implementation just does baseDN lookups from time to time - any better ideas?

+1




3 answers


The only alternative seems to be reconnecting:



ldap_set_option( ld, LDAP_OPT_RECONNECT, LDAP_OPT_ON );

      

+1




LDAP abandon can work:

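/* ldap_abandon() takes only (ld, msgid); the variant that accepts
   server and client controls is ldap_abandon_ext(). */
if (ldap_abandon_ext(ld, 0, sctrls, cctrls) != LDAP_SUCCESS)
{
    /* handle ldap error */
}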

The following information has been discussed on the OpenLDAP mailing list:

http://www.openldap.org/lists/openldap-devel/200905/msg00008.html



In short: An abandon request sends a message to the server, however the server does not send a response to the client for abandon requests. Zero is not a valid MSGID for LDAP queries. Since zero is an invalid MSGID and the server does not respond to abandon requests, in theory the server will ignore an abandon request for msgid zero. This would keep the TCP socket active, preventing the firewall from dropping the connection.

See:

  • RFC 4511 Section 4.11: Abandon Operation
  • RFC 4511 Section 4.1.1.1: MessageID

http://tools.ietf.org/html/rfc4511

+2
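
The bytes that an abandon for msgid zero puts on the wire, following the two RFC 4511 sections cited in the answer above. This is an added example, not part of the original answer and not OpenLDAP code: `build_abandon` and `ber_uint_content` are hypothetical helper names, and the outer message ID 2 is a constructed sample value.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Encode a non-negative INTEGER as BER content octets: minimal length,
 * big-endian, with a leading 0x00 when the top bit would otherwise be set. */
static size_t ber_uint_content(uint32_t v, uint8_t *out)
{
    uint8_t tmp[5];
    size_t n = 0;
    do { tmp[n++] = (uint8_t)(v & 0xff); v >>= 8; } while (v);
    if (tmp[n - 1] & 0x80) tmp[n++] = 0x00;      /* keep the value positive */
    for (size_t i = 0; i < n; i++) out[i] = tmp[n - 1 - i];
    return n;
}

/* Build LDAPMessage { messageID = own_id, AbandonRequest = target_id }.
 * own_id must be non-zero (RFC 4511 4.1.1.1); target_id may be 0, which is
 * the keep-alive case. Returns bytes written, or 0 on bad input. */
size_t build_abandon(uint32_t own_id, uint32_t target_id, uint8_t *buf, size_t cap)
{
    uint8_t a[5], b[5];
    if (own_id == 0 || own_id > 0x7fffffff || target_id > 0x7fffffff) return 0;
    size_t la = ber_uint_content(own_id, a);
    size_t lb = ber_uint_content(target_id, b);
    size_t body = 2 + la + 2 + lb;               /* two TLVs, short-form lengths */
    if (cap < 2 + body) return 0;
    size_t p = 0;
    buf[p++] = 0x30; buf[p++] = (uint8_t)body;   /* SEQUENCE (LDAPMessage) */
    buf[p++] = 0x02; buf[p++] = (uint8_t)la;     /* INTEGER messageID */
    for (size_t i = 0; i < la; i++) buf[p++] = a[i];
    buf[p++] = 0x50; buf[p++] = (uint8_t)lb;     /* [APPLICATION 16] AbandonRequest */
    for (size_t i = 0; i < lb; i++) buf[p++] = b[i];
    return p;
}

int main(void)
{
    uint8_t msg[16];
    size_t n = build_abandon(2, 0, msg, sizeof msg);  /* constructed sample IDs */
    for (size_t i = 0; i < n; i++) printf("%02x ", msg[i]);
    printf("(%zu bytes)\n", n);
    return 0;
}
```

On a capture of the connection, a message of this shape with no reply from the server is what the keep-alive looks like.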




LDAP_OPT_RECONNECT is not available in OpenLDAP.

0

