Ldap connector DAP_TIMELIMIT_EXCEEDED
Daniel Fisher
dfisher at vt.edu
Tue Apr 9 23:21:02 EDT 2019
On Tue, Apr 9, 2019 at 3:03 PM cneberg <cneberg at gmail.com> wrote:
> What is the expected behavior of the ldap data connector on the lasted
> IDP when the ldap server returns 3 LDAP_TIMELIMIT_EXCEEDED?
The IDP will process whatever results it has received, that's typically
none since most searches are looking for a single entry.
> One of my upstream ldap servers is over burdened and it appears some
> users who should be found in ldap are not. Then it seems to continue
> their sso session with no attributes.
>
If you're seeing timeLimitExceeded then you're likely processing an empty
result set. Check your logs to confirm.
--Daniel Fisher
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190409/2e89846b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6317 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://shibboleth.net/pipermail/users/attachments/20190409/2e89846b/attachment.p7s>
More information about the users
mailing list