Module: check_mk
Branch: master
Commit: 396ee8524aa590c426ba5e9615ec8f44b6cbb657
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=396ee8524aa590…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Fri Aug 23 09:39:54 2013 +0200
ldap: Trying to handle unstable ldap connections a bit better
---
web/plugins/userdb/ldap.py | 69 +++++++++++++++++++++++++++-----------------
1 file changed, 42 insertions(+), 27 deletions(-)
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 1e8d2c4..d58d873 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -304,37 +304,52 @@ def ldap_search(base, filt = '(objectclass=*)', columns =
[], scope = None):
ldap_log('LDAP_SEARCH "%s" "%s" "%s"
"%r"' % (base, scope, filt, columns))
start_time = time.time()
- result = []
- try:
-
- search_func = config.ldap_connection.get('page_size') \
- and ldap_paged_async_search or ldap_async_search
- for dn, obj in search_func(base, scope, filt, columns):
- if dn is None:
- continue # skip unwanted answers
- new_obj = {}
- for key, val in obj.iteritems():
- # Convert all keys to lower case!
- new_obj[key.lower().decode('utf-8')] = [
i.decode('utf-8') for i in val ]
- result.append((dn, new_obj))
- except ldap.NO_SUCH_OBJECT, e:
- raise MKLDAPException(_('The given base object "%s" does not exist
in LDAP (%s))') % (base, e))
-
- except ldap.FILTER_ERROR, e:
- raise MKLDAPException(_('The given ldap filter "%s" is invalid
(%s)') % (filt, e))
-
- except ldap.SIZELIMIT_EXCEEDED:
- raise MKLDAPException(_('The response reached a size limit. This could be due
to '
- 'a sizelimit configuration on the LDAP server.<br
/>Throwing away the '
- 'incomplete results. You should change the scope of
operation '
- 'within the ldap or adapt the limit settings of the
LDAP server.'))
+ # In some environments, the connection to the LDAP server does not seem to
+ # be as stable as it is needed. So we try to repeat the query for three times.
+ tries_left = 3
+ success = False
+ while not success:
+ tries_left -= 1
+ try:
+ result = []
+ try:
+ search_func = config.ldap_connection.get('page_size') \
+ and ldap_paged_async_search or ldap_async_search
+ for dn, obj in search_func(base, scope, filt, columns):
+ if dn is None:
+ continue # skip unwanted answers
+ new_obj = {}
+ for key, val in obj.iteritems():
+ # Convert all keys to lower case!
+ new_obj[key.lower().decode('utf-8')] = [
i.decode('utf-8') for i in val ]
+ result.append((dn, new_obj))
+ success = True
+ except ldap.NO_SUCH_OBJECT, e:
+ raise MKLDAPException(_('The given base object "%s" does
not exist in LDAP (%s))') % (base, e))
+
+ except ldap.FILTER_ERROR, e:
+ raise MKLDAPException(_('The given ldap filter "%s" is
invalid (%s)') % (filt, e))
+
+ except ldap.SIZELIMIT_EXCEEDED:
+ raise MKLDAPException(_('The response reached a size limit. This
could be due to '
+ 'a sizelimit configuration on the LDAP
server.<br />Throwing away the '
+ 'incomplete results. You should change the
scope of operation '
+ 'within the ldap or adapt the limit settings
of the LDAP server.'))
+ except ldap.SERVER_DOWN:
+ if tries_left:
+ ldap_log(' Received SERVER_DOWN. Retrying...')
+ time.sleep(0.5)
+ else:
+ break
duration = time.time() - start_time
+
+ if not success:
+ raise MKLDAPException(_('Unable to successfully perform the LDAP search.
'
+ 'Maybe there is a connection problem with the LDAP
server.'))
+
ldap_log(' RESULT length: %d, duration: %0.3f' % (len(result), duration))
return result
- #return ldap_connection.search_s(base, scope, filter, columns)
- #for dn, obj in ldap_connection.search_s(base, scope, filter, columns):
- # html.log(repr(dn) + ' ' + repr(obj))
# Returns the ldap filter depending on the configured ldap directory type
def ldap_filter(key, handle_config = True):