Page created: 24 Jul 2019 |
Page updated: 6 Nov 2019
If a client connection must be disconnected due to the expense of the client's request, such as an unindexed search across a very large database, perform the following:
- Find the client's connection ID by looking in the cn=Active Operations,cn=monitor monitor entry.
$ bin/ldapsearch -baseDN cn=monitor "cn=active operations" \ --bindDN "cn=directory manager" \ --bindPassword password
- The monitor entry will contain attribute values for operation-in-progress, which
look like an access log message. Look for the value of conn in the client
request that should be disconnected. In the following example, the client to be disconnected is
requesting a search for (description=expensive), which is on connection 6.
dn: cn=Active Operations,cn=monitor objectClass: top objectClass: ds-monitor-entry objectClass: ds-active-operations-monitor-entry objectClass: extensibleObject cn: Active Operations num-operations-in-progress: 2 operation-in-progress: [15/Dec/2014:10:55:35 -0600] SEARCH conn=6 op=3 msgID=4 clientIP="10.8.4.21" authDN="cn=app1,ou=applications,dc=example,dc=com" base="dc =example,dc=com" scope=wholeSubtree filter="(description=expensive)" attrs="A LL" unindexed=true operation-in-progress: [15/Dec/2014:10:56:11 -0600] SEARCH conn=7 op=1 msgID=2 clientIP="127.0.0.1" authDN="cn=Directory Manager,cn=Root DNs,cn=config" base="c n=monitor" scope=wholeSubtree filter="(cn=active operations)" attrs="ALL" num-persistent-searches-in-progress: 0
- With the connection ID value, create a file with the following contents, named disconnect6.ldif.
dn: ds-task-id=disconnect6,cn=scheduled Tasks,cn=tasks objectClass: top objectClass: ds-task objectClass: ds-task-disconnect ds-task-disconnect-connection-id: 6 ds-task-id: disconnect6 ds-task-class-name: com.unboundid.directory.server.tasks.DisconnectClientTask
- This LDIF file represents a task entry. The connection ID value 6 is assigned to ds-task-disconnect-connection-id. The value for ds-task-id value does not follow a specific convention. It must be unique among other task entries currently cached by the server.
- Disconnect the client and cancel the associated operation by adding the task entry to the server:
$ bin/ldapmodify --filename disconnect6.ldif \ --defaultAdd --bindDN "cn=directory manager" \ --bindPassword password