[cifs-protocol] [REG:120080321001822] LDAP connections have hard timelimit of one hour?
Stefan Metzmacher
metze at samba.org
Tue Aug 4 19:27:57 UTC 2020
Am 04.08.20 um 12:37 schrieb Stefan Metzmacher via cifs-protocol:
> Hi Bryan,
>
>> Thank you for the question. We created SR 120080321001822 To track this issue. An engineer will contact you soon.
>
> Thanks! Note the lifetime of the krb5 service tickets seems to be 1
> hour, maybe that's related.
>
> For SMB2 connections there's also a relationship to the lifetime of the
> krb5 service ticket, before the server starts returning
> NT_STATUS_SESSION_EXPIRED.
>
> Maybe the LDAP server is doing something similar.
I was able to reproduce this with a client asking for a ticket lifetime
of just 4 seconds.
It would be good to get that documented and how a client should
handle that.
metze
>> -----Original Message-----
>> From: Stefan Metzmacher <metze at samba.org>
>> Sent: Monday, August 3, 2020 7:54 AM
>> To: Interoperability Documentation Help <dochelp at microsoft.com>
>> Cc: cifs-protocol at lists.samba.org
>> Subject: [EXTERNAL] LDAP connections have hard timelimit of one hour?
>>
>> Hi DocHelp,
>>
>> I just debugged a problem where a Windows AD DC send the following message after exactly 1 hour:
>>
>> LDAPMessage extendedResp(0) (The server has timed out this connection)
>> messageID: 0
>> protocolOp: extendedResp (24)
>> extendedResp
>> resultCode: unavailable (52)
>> matchedDN:
>> errorMessage: The server has timed out this connection
>>
>> The connection was used at least every minute and the last success was returned 2 seconds before this.
>>
>> These are Windows 2019 DCs, is this special to them, or does this happen with any Windows Version?
>>
>> I can't find anything related in [MS-ADTS]
>>
>> Can you clarify this?
>>
>> Thanks!
>> metze
>>
>
>
>
> _______________________________________________
> cifs-protocol mailing list
> cifs-protocol at lists.samba.org
> https://lists.samba.org/mailman/listinfo/cifs-protocol
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20200804/05738cd6/signature.sig>
More information about the cifs-protocol
mailing list