Reputation: 1111
I have a PHP application which authenticates Active Directory users via LDAP; however, periodically the LDAP connection apparently fails until Apache is restarted. Once it is in this "failed state", nobody can log in until the restart.
This sometimes happens 3 or 4 times in one day or sometimes it goes for days or weeks without a problem. I cannot pinpoint any specific scenario which triggers the problem.
I have tried connecting using the hostname and the IP address but this occurs with both.
The error number returned is 110, which is a connection timeout.
Apache/2.4.6 (Unix)
PHP/5.4.21
OpenLDAP Version 20437
ldap.max_links Unlimited
<?php
// $password is supplied by the caller (not shown in the post)
$username = "myuser";
$host = "192.168.0.38";
$user_dn = "DOMAIN\\$username";
$base_dn = "OU=Organization,DC=corp,DC=domain,DC=ch";
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); // to get debug info
if ($ldap_handle = ldap_connect($host)) {
    $bind_result = ldap_bind($ldap_handle, $user_dn, $password);
    if ($bind_result) {
        // $username is placed in the filter unescaped
        $filter = "(samaccountname=$username)";
        $justthese = array("givenname", "sn", "displayname", "mail", "st", "samaccountname", "telephonenumber");
        $sr = ldap_search($ldap_handle, $base_dn, $filter, $justthese);
        $info = ldap_get_entries($ldap_handle, $sr);
        ldap_close($ldap_handle); // edit as per comment below; ldap_close() requires the link
        return $info;
    } else {
        $error = ldap_error($ldap_handle);
        ldap_close($ldap_handle); // edit as per comment below
        return array("error" => $error);
    }
} else {
    // ldap_connect() returned false, so there is no handle to query or close
    return array("error" => "ldap_connect failed");
}
?>
The Apache log contains:
** ld 0x7f82f81d92e0 Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ld 0x7f82f81d92e0 request count 1 (abandoned 0) ** ld 0x7f82f81d92e0 Response Queue: * msgid 2, type 100 ld 0x7f82f81d92e0 response count 1 ldap_chkResponseList ld 0x7f82f81d92e0 msgid 2 all 1 ldap_chkResponseList returns ld 0x7f82f81d92e0 NULL ldap_int_select read1msg: ld 0x7f82f81d92e0 msgid 2 all 1 read1msg: ld 0x7f82f81d92e0 msgid 2 message type search-result read1msg: ld 0x7f82f81d92e0 0 new referrals read1msg: mark request completed, ld 0x7f82f81d92e0 msgid 2 request done: ld 0x7f82f81d92e0 msgid 2 res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 2, msgid 2) adding response ld 0x7f82f81d92e0 msgid 2 type 101: ldap_parse_result ldap_first_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_dn ldap_free_connection 1 1 ldap_send_unbind ldap_free_connection: actually freed ldap_msgfree ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 192.168.0.38:389 ldap_new_socket: 52 ldap_prepare_socket: 52 ldap_connect_to_host: Trying 192.168.0.38:389 ldap_pvt_connect: fd: 52 tm: -1 async: 0 attempting to connect: ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 
192.168.0.38:389 ldap_new_socket: 56 ldap_prepare_socket: 56 ldap_connect_to_host: Trying 192.168.0.38:389 ldap_pvt_connect: fd: 56 tm: -1 async: 0 attempting to connect: ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 192.168.0.38:389 ldap_new_socket: 54 ldap_prepare_socket: 54 ldap_connect_to_host: Trying 192.168.0.38:389 ldap_pvt_connect: fd: 54 tm: -1 async: 0 attempting to connect: connect errno: 110 ldap_close_socket: 52 ldap_err2string ldap_err2string ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 192.168.0.38:389 ldap_new_socket: 58 ldap_prepare_socket: 58 ldap_connect_to_host: Trying 192.168.0.38:389 ldap_pvt_connect: fd: 58 tm: -1 async: 0 attempting to connect: connect errno: 110 ldap_close_socket: 56 ldap_err2string ldap_err2string ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 192.168.0.38:389 ldap_new_socket: 33 ldap_prepare_socket: 33 ldap_connect_to_host: Trying 192.168.0.38:389 ldap_pvt_connect: fd: 33 tm: -1 async: 0 attempting to connect: connect errno: 110 ldap_close_socket: 54 ldap_err2string ldap_err2string ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP 192.168.0.38:389 ldap_new_socket: 52 ldap_prepare_socket: 52 ldap_connect_to_host: Trying 192.168.0.38:389 ldap_pvt_connect: fd: 52 tm: -1 async: 0 attempting to connect: connect errno: 110 ldap_close_socket: 58 ldap_err2string ldap_err2string connect success ldap_open_defconn: successful ldap_send_server_request ldap_result ld 0x7f82f8164f00 msgid 1 wait4msg ld 0x7f82f8164f00 
msgid 1 (infinite timeout) wait4msg continue ld 0x7f82f8164f00 msgid 1 all 1 ** ld 0x7f82f8164f00 Connections: * host: 192.168.0.38 port: 389 (default) refcnt: 2 status: Connected last used: Wed May 14 15:50:27 2014
** ld 0x7f82f8164f00 Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ld 0x7f82f8164f00 request count 1 (abandoned 0) ** ld 0x7f82f8164f00 Response Queue: Empty ld 0x7f82f8164f00 response count 0 ldap_chkResponseList ld 0x7f82f8164f00 msgid 1 all 1 ldap_chkResponseList returns ld 0x7f82f8164f00 NULL ldap_int_select read1msg: ld 0x7f82f8164f00 msgid 1 all 1 read1msg: ld 0x7f82f8164f00 msgid 1 message type bind read1msg: ld 0x7f82f8164f00 0 new referrals read1msg: mark request completed, ld 0x7f82f8164f00 msgid 1 request done: ld 0x7f82f8164f00 msgid 1 res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_parse_result ldap_msgfree ldap_search put_filter: "(samaccountname=stfra)" put_filter: simple put_simple_filter: "samaccountname=stfra" ldap_build_search_req ATTRS: givenname sn displayname mail st samaccountname telephonenumber l c st postalcode physicaldeliveryofficename streetaddress title facsimiletelephonenumber ldap_send_initial_request ldap_send_server_request ldap_result ld 0x7f82f8164f00 msgid 2 wait4msg ld 0x7f82f8164f00 msgid 2 (infinite timeout) wait4msg continue ld 0x7f82f8164f00 msgid 2 all 1 ** ld 0x7f82f8164f00 Connections: * host: 192.168.0.38 port: 389 (default) refcnt: 2 status: Connected last used: Wed May 14 15:50:27 2014
Upvotes: 0
Views: 1017
Reputation: 2128
Sounds like you are not closing connections. Wrap ldap_connect in a class with lazy initialization and put the connection close command in the destructor.
Upvotes: 1
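The wrapper the answer describes, as an added example (not code from the question or the answer): it connects lazily and unbinds in the destructor. It also sets LDAP_OPT_NETWORK_TIMEOUT, because the trace in the question shows `tm: -1` on every connect attempt, rejects empty passwords, and escapes the filter value. `AdDirectory` is a hypothetical name, the 5-second timeout is an assumed value, and `ldap_escape()` assumes PHP 5.6 or later rather than the 5.4.21 in the question.

```php
<?php
// Added example: AdDirectory is a hypothetical name; ldap_escape() needs PHP >= 5.6.
class AdDirectory
{
    private $host;
    private $baseDn;
    private $link = null; // opened lazily on first use
    public function __construct($host, $baseDn)
    {
        $this->host = $host;
        $this->baseDn = $baseDn;
    }
    private function link()
    {
        if ($this->link === null) {
            // OpenLDAP only initialises the handle here; the TCP connect happens at bind.
            $link = ldap_connect($this->host);
            if ($link === false) {
                throw new RuntimeException("invalid LDAP host or URI");
            }
            ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
            // Fail after 5 s (assumed value) instead of hanging until errno 110.
            ldap_set_option($link, LDAP_OPT_NETWORK_TIMEOUT, 5);
            $this->link = $link;
        }
        return $this->link;
    }
    public function authenticate($username, $password)
    {
        // An empty password turns a simple bind into an unauthenticated bind.
        if ($username === '' || $password === '') {
            return array("error" => "empty credentials");
        }
        $link = $this->link();
        if (!@ldap_bind($link, "DOMAIN\\$username", $password)) {
            return array("error" => ldap_error($link));
        }
        $filter = "(samaccountname=" . ldap_escape($username, "", LDAP_ESCAPE_FILTER) . ")";
        $sr = ldap_search($link, $this->baseDn, $filter, array("displayname", "mail"));
        return $sr ? ldap_get_entries($link, $sr) : array("error" => ldap_error($link));
    }
    public function __destruct()
    {
        if ($this->link !== null) {
            ldap_unbind($this->link); // frees the socket; ldap_close() is an alias
        }
    }
}
```

Create one instance per request and let it go out of scope; the destructor releases the socket on every return path, including the error branches.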