1

Topic: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.6 OPENLDAP edition.
- Deployed with iRedMail Easy or the downloadable installer? Easy
- Linux/BSD distribution name and version: Ubuntu Linux 16.04.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi!
   We've been having an issue for some months: after a while, our mail clients ask for the account password and, even after providing the password, they keep on asking. It only works if I restart the Dovecot service.
   Looking at the logs, there were some lines that drew my attention:

auth: Error: LDAP: Connection lost to LDAP server, reconnecting
Nov 13 09:05:02 auth: Error: LDAP: Can't connect to server: OUR-LDAP-SERVER-HERE:389
Nov 13 09:05:03 auth: Error: LDAP: Can't connect to server: OUR-LDAP-SERVER-HERE:389

   A search on Google led me to something related to the LDAP server timeout, which could be too short for our setup.
   So, where can I increase the Dovecot LDAP connection timeout?

Thanks for any help.
Cheers!


2

Re: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

Are you running OpenLDAP / MySQL replication or cluster?

3 (edited by zuotoski 2020-11-17 17:51:37)

Re: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

ZhangHuangbin wrote:

Are you running OpenLDAP / MySQL replication or cluster?

- iRedMail version (check /etc/iredmail-release): 0.9.6 OPENLDAP edition.
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL

No replication, no cluster - plain, default OpenLDAP setup as described in the documentation.

4

Re: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

zuotoski wrote:

Nov 13 09:05:02 auth: Error: LDAP: Can't connect to server: OUR-LDAP-SERVER-HERE:389

This means Dovecot cannot connect to your LDAP server, and the openldap service may not be running. You'd better check it when this issue occurs. Also check the Dovecot log files to get related errors.

5 (edited by zuotoski 2020-11-17 23:58:03)

Re: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

ZhangHuangbin wrote:

Also check Dovecot log files to get related errors.

That's what I did, and Googling this error pointed to an LDAP server timeout, which means that the server is taking longer to answer than the default timeout.

This is why my question was: How can I change the LDAP timeout connection?

[EDIT]: Sorry, I forgot to say that iRedMail is connecting to a Microsoft AD LDAP server to authenticate, it isn't using the Linux LDAP server.

6

Re: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

zuotoski wrote:

This is why my question was: How can I change the LDAP timeout connection?

Wrong question. You should ask, why it took so long? Try to figure it out and fix it.

7

Re: dovecot auth: Error: LDAP: Connection lost to LDAP server, recon...

ZhangHuangbin wrote:
zuotoski wrote:

This is why my question was: How can I change the LDAP timeout connection?

Wrong question. You should ask, why it took so long? Try to figure it out and fix it.

Ok, thanks for your feedback. I'll try to find out how to increase the timeout by myself... really, thank you!