Page MenuHomePhorge
Create Task
Maniphest T1525

Postfix LDAP timed out on clean centos7 installation
Open, NormalPublic
Actions

Description

While trying to create calendar events in roundcube mailbox interface postfix generates multiple LDAP timed out warnings and failed to deliver mails with events. Sometimes it's happening while trying to deliver usual messages. Here are the steps to reproduce this behaviour.

  1. Install latest Kolab 16 following https://docs.kolab.org/installation-guide/centos-7.html and https://docs.kolab.org/installation-guide/setup-kolab.html#installation-guide-setup-kolab guides on the latest CentOS 7 release.
  2. Create POSIX mail-enabled user on kolab webadmin interface
  3. Login to webmail and create new event in calendar with external participants (e.g. gmail.com or hotmail.com) and message reminder

After that some events can not be sent with the following warning|error messages in /var/log/maillog:

...
Sep 22 22:03:32 kolab postfix/trivial-rewrite[2749]: warning: dict_ldap_connect: Unable to bind to server ldap://localhost:389 with dn uid=kolab-service,ou=Special Users,dc=XXXXXXXX,dc=com: -5 (Timed out)
Sep 22 22:03:32 kolab postfix/trivial-rewrite[2749]: warning: ldap:/etc/postfix/ldap/mydestination.cf: table lookup problem
Sep 22 22:03:42 kolab postfix/trivial-rewrite[2749]: warning: dict_ldap_connect: Unable to bind to server ldap://localhost:389 with dn uid=kolab-service,ou=Special Users,dc=XXXXXXXX,dc=com: -5 (Timed out)
Sep 22 22:03:42 kolab postfix/trivial-rewrite[2749]: warning: ldap:/etc/postfix/ldap/mydestination.cf: table lookup problem
Sep 22 22:03:52 kolab postfix/trivial-rewrite[2749]: warning: dict_ldap_connect: Unable to bind to server ldap://localhost:389 with dn uid=kolab-service,ou=Special Users,dc=XXXXXXXX,dc=com: -5 (Timed out)
Sep 22 22:03:52 kolab postfix/trivial-rewrite[2749]: warning: ldap:/etc/postfix/ldap/mydestination.cf: table lookup problem
...

Sometimes LDAP server is blocked continously for more than 10 minutes and servvices can't bind or search in LDAP at this time.

I tried different VMs with local and external IP-addresses and all had the same problem even after clean install and configuration.

CentOS and Kolab versions:

# rpm -qv pykolab
pykolab-0.8.3-3.3.el7.kolab_16.noarch
# cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core)

Details

Ticket Type
Task

Related Objects

Event Timeline

waster created this task.Sep 22 2016, 9:43 PM
lang.ed subscribed.EditedNov 22 2016, 7:55 PM

I am seeing this also, it appears that when it happens no users can login and it usually recovers automatically after about an hour. For some reason rebooting the server does not solve.

machniak subscribed.Nov 22 2016, 9:15 PM

Probably a bug fixed here: https://git.kolab.org/rP54cb493d655bb67719572acd934994161c3751af

machniak added projects: PyKolab, Kolab 16.Nov 22 2016, 9:15 PM
lang.ed added a comment.Nov 22 2016, 10:23 PM

Hi machniak, the current build 16 that we are using already has the fix:
https://git.kolab.org/rP54cb493d655bb67719572acd934994161c3751af

jph subscribed.Nov 28 2016, 3:54 PM
jph added a comment.Nov 28 2016, 3:58 PM

I have the same syptoms on a fully updated kolab16 on centos7.
Rebooting the sever starts things going for a while until ldap is blocked again.
If it happens Roundcube login does not work and sending mails via kontact is blocked.

vanmeeuwen closed this task as Resolved.Dec 2 2016, 3:18 PM
vanmeeuwen claimed this task.
vanmeeuwen subscribed.

This is likely a duplicate of T1988

machniak reopened this task as Open.Dec 5 2016, 10:33 AM

@vanmeeuwen No, this is not a duplicate. The issue still persists with pykolab code from git-master. See Bifrost T16075 for the same issue.

lang.ed added a comment.Dec 5 2016, 3:20 PM

I have implemented T1988 patch, and the problem cannot be replicated.

lang.ed added a comment.Dec 5 2016, 5:21 PM

I spoke too soon, after posting the above comment, the system would not allow me to log in. No calendar entries we made by anyone.

Is there anything I can do to help facilitate researching this problem?

machniak added a comment.Dec 31 2016, 2:07 PM

I'm not able to reproduce the issue anymore.

lang.ed added a comment.Dec 31 2016, 2:25 PM

Are there any other related patches? I searched and was unable to locate similar issues.

lang.ed added a comment.Jan 10 2017, 7:51 PM

I was able ro reproduce the error:

  1. I received a meeting invite.
  2. I accepted the invite
  3. I clicked Update in my calendar.
  4. The webinterface showed saving for about 3 minutes

4.1 Mail and calendar was locked during this time

  1. After recovery 3 minutes mail was working and the calendar was updated

Ed

pasik subscribed.Nov 25 2017, 2:42 PM
vanmeeuwen lowered the priority of this task from 60 to Normal.Mar 22 2019, 12:28 PM

Correcting the priority from 60/40 to Normal