Ping LDAP server every second

Tagged: , ,

This topic has 3 replies, 2 voices, and was last updated 5 years, 9 months ago by Bill Nelson.

  • Author
    Posts
  • #14110
     Frotonis
    Participant

    Hi everybody,

    i have problem or maybe i am missing some kind of configuration which have to be made maybe on OpenAM side.

    I see in my logs that every second it is called request and i don’t know why and from where. It could be related to persistent search controls?

    I am really lost right now, so i will be pleased by any advice.

    Here is part of log file i have.

    [03/Nov/2016:10:48:00 +0100] BIND REQ conn=21729435 op=1 msgID=2 version=3 type=SIMPLE dn=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk”
    [03/Nov/2016:10:48:00 +0100] BIND RES conn=21729435 op=1 msgID=2 result=0 authDN=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk” etime=0
    [03/Nov/2016:10:48:00 +0100] BIND REQ conn=21729436 op=1 msgID=2 version=3 type=SIMPLE dn=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk”
    [03/Nov/2016:10:48:00 +0100] BIND RES conn=21729436 op=1 msgID=2 result=0 authDN=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk” etime=0
    [03/Nov/2016:10:48:01 +0100] BIND REQ conn=21729437 op=1 msgID=2 version=3 type=SIMPLE dn=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk”
    [03/Nov/2016:10:48:01 +0100] BIND RES conn=21729437 op=1 msgID=2 result=0 authDN=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk” etime=1
    [03/Nov/2016:10:48:01 +0100] BIND REQ conn=21729438 op=1 msgID=2 version=3 type=SIMPLE dn=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk”
    [03/Nov/2016:10:48:01 +0100] BIND RES conn=21729438 op=1 msgID=2 result=0 authDN=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk” etime=0
    [03/Nov/2016:10:48:02 +0100] BIND REQ conn=21729439 op=1 msgID=2 version=3 type=SIMPLE dn=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk”
    [03/Nov/2016:10:48:02 +0100] BIND RES conn=21729439 op=1 msgID=2 result=0 authDN=”uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk” etime=0

    #14111
     Bill Nelson
    Participant

    It wouldn’t be due to persistent controls. A persistent search maintains an active connection and holds it open for a period of time. In OpenAM’s case, I believe it holds it open for 5 minutes and after every bind operation, you would see a search operation.

    Is uid=sa_cam,ou=CAM,ou=Apps,dc=st,dc=sk the OpenAM service account used to bind to OpenDJ? I assume so based on your questions, but just want to make sure. Also, does any other application have the credentials for this DN? Is it possible that they may be used by another client – this looks more like a load balancer health check to me. Check the IP address of the TCP/IP connection to verify the origination of the bind operation.

    #14112
     Frotonis
    Participant

    Thanks for your answer. I will make steps necessary to investigate my situation. Mainly network connections.

    #14113
     Bill Nelson
    Participant

    You are welcome. Let us know what you find.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?