#1501 Make the LDAP bind operation timeout configurable
Closed: Fixed None Opened 7 years ago by jhrozek.

Currently the bind timeout is hardcoded to 5 seconds. IIRC we wanted to make the timeout configurable when we were working on asynchronous bind, but then we cancelled the whole effort.

In order to make the timeout configurable, we might either reuse the existing ldap_opt_timeout setting or introduce a new one.

Fields changed

summary: Make the bind timeout configurable => Make the LDAP bind operation timeout configurable

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12 beta
rhbz: => todo

Fields changed

milestone: SSSD 1.12 beta => SSSD 1.13 beta

This timeout is hit a couple of times during testing authentication of AD users with the IPA compat tree. The reason is that the IPA server has to take the credentials given in the LDAP bind to the compat tree and use them to authenticate against an AD DC from a trusted domain. Depending on network topology and server load this can easily need more then 5s.

I think using ldap_opt_timeout here is fine.

changelog: =>
design: =>
design_review: => 0
fedora_test_page: =>
milestone: SSSD 1.15 beta => NEEDS_TRIAGE
review: => 0
selected: =>

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.13

Fields changed

mark: => 0
owner: somebody => preichl

Fields changed

milestone: SSSD 1.13 => SSSD 1.14 beta

I was helping gparente with a case which turned out to be this issue (Thank you for the great debugging help, German). Since even the customer confirmed our patch fixes the problem, I think we should fix this ticket sooner.

milestone: SSSD 1.14 beta => NEEDS_TRIAGE
owner: preichl => jhrozek
status: new => assigned

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.13 alpha

Fields changed

patch: 0 => 1

resolution: => fixed
status: assigned => closed

Only clone when a downstream specifically requests this one. Otherwise treat as regression testing.

rhbz: todo => 0

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.13 alpha

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2543

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.