search

ldapjs / node-ldapjs

LDAP Client and Server API for node.js
http://ldapjs.org
MIT License
1.61k stars 449 forks source link

ECONNRESET when attempting bind or search even with reconnect set to true #823

Closed AustinMutschler closed 1 year ago

AustinMutschler commented 1 year ago

We have been getting a Reconnect error with idle clients.

We do have reconnect: true but it only appears to reconnect after the bind or search fails which then means we need to build our own custom retry logic for the bind and search.

In general, is it advisable to use one LDAP client for all binds and searches or a new LDAP client for each bind? We are trying to decide on the best approach. We don't want to make a lot of LDAP clients that are sitting idle after they are finished being used. What would be a good way to close these connections when they are no longer needed?

jsumners commented 1 year ago

In my experience, LDAP connections are generally used for a single conversation.

Evi-str commented 1 year ago

@jsumners we also were wondering if it's necessary to create a new ldap client for each and every request. We finally decided to create just a single client instance and pass those instance to several sub functions which call bind() unbind() for each search request

  1. client = ldap.createClient()
  2. bind(), search(groupFilter), unbind() -> in order to get a large list of groups
  3. For all members of those groups, we asynchronously send further search requests (via promise + throtteling) in order to fetch all member detail information: bind() search(userFiler) unbind()
  4. process.exit()

We talk about 2000-3000 members here. We use the same client for all requests. So far it works, but when using fast throtteling settings and/or large ldapjs timeout settings (like e.g. 20000 ms) we experience a lot of unsolicited erros like [02:07:39.620] ERROR (ldap-client/13296): unsolicited message and also errors like ConnectionError: 24__ldaps://my.server.intern:3070 closed

As a workaround we also use own retry code (using npm retry package). But the behaviour is strange.

Also tried to listen to various events: http://ldapjs.org/client.html#client-events, but it seems that events like res.on('timeout' err =>etc.) are not possible ? res.on('error') works, though.

jsumners commented 1 year ago

👋

On February 22, 2023, we released version 3 of this library. As a result, we are closing this issue/pull request.

Please see issue #839 for more information, including how to proceed if you feel this closure is in error.