我有一个PHP应用程序,它通过ldap对Active Directory用户进行身份验证,但是定期地,ldap连接显然会在Apache重新启动之前失败。一旦处于此状态"失败状态",没有人可以在重启之前登录。
这有时会在一天内发生3到4次,或者有时会持续几天或几周没有问题。我无法确定任何触发问题的具体方案。
我尝试使用主机名和IP地址进行连接,但这两种情况都会发生。
错误号返回110,这是连接超时。
Apache / 2.4.6(Unix)
PHP / 5.4.21
OpenLDAP版本20437
ldap.max_links无限
<?php
$username= "myuser";
$host = "192.168.0.38";
$user_dn = "DOMAIN\\$username";
$base_dn = "OU=Organization,DC=corp,DC=domain,DC=ch";
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); //to get debug info
if ($ldap_handle = ldap_connect($host)) {
$bind_result = ldap_bind($ldap_handle, $user_dn, $password);
if ($bind_result) {
$filter = "(samaccountname=$username)";
$justthese = array("givenname","sn","displayname","mail","st","samaccountname","telephonenumber");
$sr = ldap_search($ldap_handle, $base_dn, $filter,$justthese);
$info = ldap_get_entries($ldap_handle, $sr);
ldap_close(); //edit as per comment below
return $info;
} else {
$error=ldap_error($ldap_handle);
ldap_close(); //edit as per comment below
return array("error"=>$error);
}
} else {
$error=ldap_error($ldap_handle);
ldap_close(); //edit as per comment below
return array("error"=>$error);
}
?>
Apache日志包含:
** ld 0x7f82f81d92e0未完成的请求: msgstr 2,origid 2,状态InProgress 杰出的推荐0,父母计数0 ld 0x7f82f81d92e0请求计数1(废弃0) ** ld 0x7f82f81d92e0响应队列: msgstr 2,输入100 ld 0x7f82f81d92e0响应计数1 ldap_chkResponseList ld 0x7f82f81d92e0 msgid 2 all 1 ldap_chkResponseList返回ld 0x7f82f81d92e0 NULL ldap_int_select read1msg:ld 0x7f82f81d92e0 msgid 2 all 1 msgstr 2消息类型搜索结果:read1msg:ld 0x7f82f81d92e0 read1msg:ld 0x7f82f81d92e0 0个新推介 read1msg:mark request completed,ld 0x7f82f81d92e0 msgstr 2 请求已完成:ld 0x7f82f81d92e0 msgstr 2 res_errno:0,res_error:&lt;&gt;,res_matched:&lt;&gt; ldap_free_request(origid 2,msgid 2) msgstr 2类型101:添加响应ld 0x7f82f81d92e0 ldap_parse_result ldap_first_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_values_len ldap_next_attribute ldap_get_dn ldap_free_connection 1 1 ldap_send_unbind ldap_free_connection:实际上已经释放了 ldap_msgfree ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host:TCP 192.168.0.38:389 ldap_new_socket:52 ldap_prepare_socket:52 ldap_connect_to_host:尝试192.168.0.38:389 ldap_pvt_connect:fd:52 tm:-1 async:0 试图连接: ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host:TCP 192.168.0.38:389 ldap_new_socket:56 ldap_prepare_socket:56 ldap_connect_to_host:尝试192.168.0.38:389 ldap_pvt_connect:fd:56 tm:-1 async:0 试图连接: ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host:TCP 192.168.0.38:389 ldap_new_socket:54 ldap_prepare_socket:54 ldap_connect_to_host:尝试192.168.0.38:389 ldap_pvt_connect:fd:54 tm:-1 async:0 试图连接: 连接errno:110 ldap_close_socket:52 ldap_err2string ldap_err2string ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host:TCP 192.168.0.38:389 ldap_new_socket:58 ldap_prepare_socket:58 ldap_connect_to_host:尝试192.168.0.38:389 ldap_pvt_connect:fd:58 tm:-1 async:0 试图连接: 连接errno:110 ldap_close_socket:56 ldap_err2string ldap_err2string ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host:TCP 192.168.0.38:389 ldap_new_socket:33 ldap_prepare_socket:33 ldap_connect_to_host:尝试192.168.0.38:389 ldap_pvt_connect:fd:33 tm:-1 async:0 试图连接: 连接errno:110 ldap_close_socket:54 ldap_err2string ldap_err2string ldap_create ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host:TCP 192.168.0.38:389 ldap_new_socket:52 ldap_prepare_socket:52 ldap_connect_to_host:尝试192.168.0.38:389 ldap_pvt_connect:fd:52 tm:-1 async:0 试图连接: 连接errno:110 ldap_close_socket:58 ldap_err2string ldap_err2string 连接成功 ldap_open_defconn:成功 ldap_send_server_request ldap_result ld 0x7f82f8164f00 msgstr 1 msgstr 1(无限超时)#etc4msg ld 0x7f82f8164f00 wait4msg continue ld 0x7f82f8164f00 msgid 1 all 1 ** ld 0x7f82f8164f00连接: *主机:192.168.0.38端口:389(默认) refcnt:2状态:已连接 上次使用时间:2014年5月14日星期三15:50:27
** ld 0x7f82f8164f00未完成的请求: msgstr 1,原始1,状态InProgress 杰出的推荐0,父母计数0 ld 0x7f82f8164f00请求计数1(废弃0) ** ld 0x7f82f8164f00响应队列: 空 ld 0x7f82f8164f00响应计数0 ldap_chkResponseList ld 0x7f82f8164f00 msgid 1 all 1 ldap_chkResponseList返回ld 0x7f82f8164f00 NULL ldap_int_select read1msg:ld 0x7f82f8164f00 msgid 1 all 1 read1msg:ld 0x7f82f8164f00 msgstr 1消息类型绑定 read1msg:ld 0x7f82f8164f00 0个新推介 read1msg:mark request completed,ld 0x7f82f8164f00 msgstr 1 请求已完成:ld 0x7f82f8164f00 msgstr 1 res_errno:0,res_error:&lt;&gt;,res_matched:&lt;&gt; ldap_free_request(origid 1,msgid 1) ldap_parse_result ldap_msgfree ldap_search put_filter:&#34;(samaccountname = stfra)&#34; put_filter:简单 put_simple_filter:&#34; samaccountname = stfra&#34; ldap_build_search_req ATTRS:givenname sn displayname mail st samaccountname telephonenumber l c st postalcode physicaldeliveryofficename streetaddress title facsimiletelephonenumber ldap_send_initial_request ldap_send_server_request ldap_result ld 0x7f82f8164f00 msgstr 2 msgstr 2(无限超时)wait4msg ld 0x7f82f8164f00 msgstr 2 all 1。等待4msg继续ld 0x7f82f8164f00 ** ld 0x7f82f8164f00连接: *主机:192.168.0.38端口:389(默认) refcnt:2状态:已连接 上次使用时间:2014年5月14日星期三15:50:27
答案 0 :(得分:1)
听起来你没有关闭连接。 使用延迟初始化将ldap_connect包装到类中 并将连接关闭命令放入析构函数