[PSMDB-583] Detect a connection loss to LDAP server and reconnect automatically - Percona JIRA

XML

Word

Printable

Details

Type: Bug
Status: Done
Priority: Medium
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.6.19-7.0, 4.2.8-8, 4.0.20-13
Component/s: None
Labels:
None

Description

If there were any issues with connection to LDAP server (either networking issues, or restart of LDAP server), after the connection is restored user is unable to log in to DB.

STR:

1) start PSMDB

2) restart LDAP server or temporary break connection to LDAP

3) connection to LDAP server is restored

Actual behavior:

User can't log in due to error 'Can't contact LDAP server', restart of PSMDB helps to resolve the issue

Expected behavior:

User is able to log in without restart

Logs:

vagrant@bionic:~$ sudo systemctl restart mongod
vagrant@bionic:~$ sudo systemctl restart slapd
vagrant@bionic:~$ mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
2020-03-04T11:30:52.719+0000 E  QUERY    [js] Error: LDAP search failed with error: Can't contact LDAP server :
connect@src/mongo/shell/mongo.js:341:17
@(connect):3:6
2020-03-04T11:30:52.721+0000 F  -        [main] exception: connect failed
2020-03-04T11:30:52.721+0000 E  -        [main] exiting with code 1
vagrant@bionic:~$ sudo systemctl restart mongod
vagrant@bionic:~$ mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("7db520bc-72a6-464c-a101-37d93886c8cc") }
> 
bye

vagrant@bionic:~$ sudo systemctl restart mongod
vagrant@bionic:~$ sudo iptables -A INPUT -p tcp --destination-port 389 -j DROP
vagrant@bionic:~$ date && mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
Wed Mar  4 11:10:41 UTC 2020
connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
2020-03-04T11:26:20.685+0000 E  QUERY    [js] Error: LDAP search failed with error: Can't contact LDAP server :
connect@src/mongo/shell/mongo.js:341:17
@(connect):3:6
2020-03-04T11:26:20.691+0000 F  -        [main] exception: connect failed
2020-03-04T11:26:20.691+0000 E  -        [main] exiting with code 1
vagrant@bionic:~$ sudo iptables -D INPUT -p tcp --destination-port 389 -j DROP
vagrant@bionic:~$ date && mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
Wed Mar  4 11:27:17 UTC 2020
connecting to: mongodb://127.0.0.1:27017/?authMechanism=PLAIN&authSource=%24external&compressors=disabled&gssapiServiceName=mongodb
2020-03-04T11:27:17.881+0000 E  QUERY    [js] Error: LDAP search failed with error: Can't contact LDAP server :
connect@src/mongo/shell/mongo.js:341:17
@(connect):3:6
2020-03-04T11:27:17.883+0000 F  -        [main] exception: connect failed
2020-03-04T11:27:17.883+0000 E  -        [main] exiting with code 1
vagrant@bionic:~$ sudo systemctl restart mongod
vagrant@bionic:~$ date && mongo -u exttestrw@percona.com -p "password" --authenticationDatabase '$external' --authenticationMechanism 'PLAIN'
Wed Mar  4 11:27:33 UTC 2020
> 
bye

Attachments

Issue Links

relates to

PSMDB-621 Bug in escape characters in ldap userToDNMapping

Done

PSMDB-630 Some LDAP servers drop idle connections upon timeout

Done

Activity

People

Assignee:: Igor Solodovnikov

Reporter:: Sandra Romanchenko

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04/Mar/20 11:14 AM

Updated:: 01/Sep/20 4:16 PM

Resolved:: 26/Jun/20 2:56 PM

Time Tracking

Estimated:

Not Specified

Remaining: