The server must disconnect a client connection
If a client connection must be disconnected due to the expense of the client’s request, such as an unindexed search across a very large database, perform the following:
-
Find the client’s connection ID by looking in the
cn=Active Operations,cn=monitor monitor
entry.$ bin/ldapsearch -baseDN cn=monitor "cn=active operations" \ --bindDN "cn=directory manager" \ --bindPassword password
-
The monitor entry will contain attribute values for
operation-in-progress
, which look like an access log message. Look for the value ofconn
in the client request that should be disconnected. In the following example, the client to be disconnected is requesting a search for(description=expensive)
, which is on connection 6.dn: cn=Active Operations,cn=monitor objectClass: top objectClass: ds-monitor-entry objectClass: ds-active-operations-monitor-entry objectClass: extensibleObject cn: Active Operations num-operations-in-progress: 2 operation-in-progress: [15/Dec/2014:10:55:35 -0600] SEARCH conn=6 op=3 msgID=4 clientIP="10.8.4.21" authDN="cn=app1,ou=applications,dc=example,dc=com" base="dc =example,dc=com" scope=wholeSubtree filter="(description=expensive)" attrs="A LL" unindexed=true operation-in-progress: [15/Dec/2014:10:56:11 -0600] SEARCH conn=7 op=1 msgID=2 clientIP="127.0.0.1" authDN="cn=Directory Manager,cn=Root DNs,cn=config" base="c n=monitor" scope=wholeSubtree filter="(cn=active operations)" attrs="ALL" num-persistent-searches-in-progress: 0
-
With the connection ID value, create a file with the following contents, named
disconnect6.ldif
.dn: ds-task-id=disconnect6,cn=scheduled Tasks,cn=tasks objectClass: top objectClass: ds-task objectClass: ds-task-disconnect ds-task-disconnect-connection-id: 6 ds-task-id: disconnect6 ds-task-class-name: com.unboundid.directory.server.tasks.DisconnectClientTask
-
This LDIF file represents a task entry. The connection ID value 6 is assigned to
ds-task-disconnect-connection-id
. The value fords-task-id
value does not follow a specific convention. It must be unique among other task entries currently cached by the server. -
Disconnect the client and cancel the associated operation by adding the task entry to the server:
$ bin/ldapmodify --filename disconnect6.ldif \ --defaultAdd --bindDN "cn=directory manager" \ --bindPassword password