ldapsearch -x -b "uid=testuser,cn=users,cn=accounts,dc=example,dc=com"
#!/usr/bin/env pythonimport sysimport ldapfrom ldap import LDAPErrorSUFFIX = "dc=example,dc=com"LDAPSERVER = "ipa.example.com"if not len(sys.argv) == 2:raise sys.exit("Wrong arguments. Only argument should be the username")uid = sys.argv[1]search = "uid=%s,cn=users,cn=accounts,%s" % (uid, SUFFIX)try:conn = ldap.initialize("ldap://%s" % (LDAPSERVER))conn.simple_bind_s()response = conn.search_s(search ,ldap.SCOPE_BASE, "(objectClass=*)", ["ipaSshPubKey", "ipaSshSigTimestamp", "loginshell"])except LDAPError, e:print eprint "Error getting info from LDAP. Either wrong username or issues with LDAP server "raise sys.exit(-1)
On 09/02/2015 09:45 PM, Prashant Bapat wrote:
Hi,
We have been using 389-ds as part of FreeIPA. In one of our environments, we have 2 389-ds installations with replication.
What version? rpm -q 389-ds-base
Randomly, the 389-ds on either of them completely freezes and there are high number of CLOSE_WAITs on tcp/389 port.
http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-hangs
Only way to recover from this situation is to either reboot or "kill -9" the ns-slapd process. Graceful restarts get stuck indefinitely.
One curious thing when this happens, a search using "ldapsearch" command seems to work but a search using a python-ldap client does not. FreeIPA does not work either.
Can you be more specific? What is the exact ldapsearch command line, and can you post/pastebin an excerpt of your python-ldap script?
Any pointers on troubleshooting this would be appreciated.
Thanks.--Prashant
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users