[37298] in Kerberos
Re: how to set ldap connection timeout in KDC
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Nov 3 13:02:58 2015
To: Jim Shi <hanmao_shi@apple.com>, kerberos@mit.edu
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <5638F6BD.4000100@mit.edu>
Date: Tue, 3 Nov 2015 13:02:37 -0500
MIME-Version: 1.0
In-Reply-To: <47239FA7-6C15-497F-B4B6-A5A5DF8E8D96@apple.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 11/02/2015 04:55 PM, Jim Shi wrote:
> Hi, I try to find out what is the default ldap connection timeout in KDC.
> I looked at the kdc source code and could not find out.
> Is there a way to override the default timeout?
It looks like the timeout is hardcoded to 10 seconds in
krb5_ldap_db_init(), where we set the LDAP_OPT_NETWORK_TIMEOUT option.
This doesn't seem like good behavior on our part; we should either make
it configurable, or let the LDAP library use its default (which is no
timeout, but could be overridden via ldap.conf).
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
