[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap 2.1.17 - slapd running, can't kill and netstat does not show port 389. How do I fix?? Was previously working

I'm betting your database was corrupted from an unclean shutdown. 
Probably need to run the BerkeleyDB command 'db_recover' on the database
directory (after you kill slapd).
-Alan

kkoehler said:
> I had openldap running for weeks.  What I noticed is the customer
> rebooted the Linux box (RedHat 9.0)  and now when openldap starts, I get
>  a "Can't contact openldap server".  The slapd process is running but
> when I do a netstat -ant , it is not bound to the port.  I did not
> change any of the configuration files.  Help!  I've been digging around
> on the net without success how to fix this.  Here is my config file and
> my debug file (which shows no errors).  I tried killing with 15 and it
> catches it but doesn't kill the process.  Any help would be
> appreciated!!! I also simulated this problem on my RedHat 8.0.
> Also - here is my startup script:
>
>
>   /usr/local/openldap/servers/slapd/slapd -f
> /usr/local/etc/openldap/slapd.conf
> -h ldap://www.company.net:389 -d 1 > /var/log/ldap.log 2>&1 &
> --------------------------------------------------------------------------------
> #
> # if no access controls are present, the default policy is:
> #       Allow read by all
> #
> # rootdn can always write!
>
> #######################################################################
> # ldbm database definitions
> #######################################################################
>
> database        bdb
> suffix          "dc=mac,dc=com"
> rootdn          "cn=Manager,dc=mac,dc=com"
> # Cleartext passwords, especially for the rootdn, should
> # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
> # Use of strong authentication encouraged.
> rootpw          secret
> # The database directory MUST exist prior to running slapd AND
> # should only be accessible by the slapd and slap tools.
> # Mode 700 recommended.
> directory       /usr/local/var/openldap-data
> # Indices to maintain
> index   objectClass     eq
> Loglevel 1
>
>
> Here is my debug - which shows no errors:
>
> @(#) $OpenLDAP: slapd 2.1.17 (May 28 2003 02:00:22) $
>         root@company.net:/usr/local/openldap-2.1.17/servers/slapd
> daemon_init: listen on ldap://www.company.net:389
> daemon_init: 1 listeners to open...
> ldap_url_parse_ext(ldap://www.company.net:389)
> daemon: initialized ldap://www.company.net:389
> daemon_init: 1 listeners opened
> slapd init: initiated server.
> slap_sasl_init: initialized!
> bdb_initialize: initialize BDB backend
> bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19,
> 2002)
>  >>> dnNormalize: <cn=Subschema>
> => ldap_bv2dn(cn=Subschema,0)
> <= ldap_bv2dn(cn=Subschema,0)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=subschema,272)=0
> <<< dnNormalize: <cn=subschema>
> bdb_db_init: Initializing BDB database
>  >>> dnPrettyNormal: <dc=mac,dc=com>
> => ldap_bv2dn(dc=mac,dc=com,0)
> <= ldap_bv2dn(dc=mac,dc=com,0)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(dc=mac,dc=com,272)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(dc=mac,dc=com,272)=0
> <<< dnPrettyNormal: <dc=mac,dc=com>, <dc=mac,dc=com>
>  >>> dnPrettyNormal: <cn=Manager,dc=mac,dc=com>
> => ldap_bv2dn(cn=Manager,dc=mac,dc=com,0)
> <= ldap_bv2dn(cn=Manager,dc=mac,dc=com,0)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=Manager,dc=mac,dc=com,272)=0
> => ldap_dn2bv(272)
> <= ldap_dn2bv(cn=manager,dc=mac,dc=com,272)=0
> <<< dnPrettyNormal: <cn=Manager,dc=mac,dc=com>,
> <cn=manager,dc=mac,dc=com> matching_rule_use_init
>     1.2.840.113556.1.4.804 (integerBitOrMatch): matchingRuleUse: (
> 1.2.840.11355
> 6.1.4.804 NAME 'integerBitOrMatch' APPLIES ( mailPreferenceOption $
> supportedLDA
> PVersion ) )
>     1.2.840.113556.1.4.803 (integerBitAndMatch): matchingRuleUse: (
> 1.2.840.1135
> 56.1.4.803 NAME 'integerBitAndMatch' APPLIES ( mailPreferenceOption $
> supportedL
> DAPVersion ) )
>     1.3.6.1.4.1.1466.109.114.2 (caseIgnoreIA5Match): matchingRuleUse: (
> 1.3.6.1.
> 4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' APPLIES ( janetMailbox $
> cNAMERecor
> d $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $
> associatedDom
> ain $ dc $ mail $ altServer ) )
>     1.3.6.1.4.1.1466.109.114.1 (caseExactIA5Match): matchingRuleUse: (
> 1.3.6.1.4
> .1.1466.109.114.1 NAME 'caseExactIA5Match' APPLIES ( janetMailbox $
> cNAMERecord
> $ sOARecord $ nSRecord $ mXRecord $ mDRecord $ aRecord $ email $
> associatedDomai
> n $ dc $ mail $ altServer ) )
>     2.5.13.30 (objectIdentifierFirstComponentMatch): matchingRuleUse: (
> 2.5.13.3
> 0 NAME 'objectIdentifierFirstComponentMatch' APPLIES (
> supportedApplicationConte
> xt $ ldapSyntaxes $ matchingRuleUse $ objectClasses $ attributeTypes $
> matchingR
> ules $ supportedFeatures $ supportedExtension $ supportedControl $
> structuralObj
> ectClass $ objectClass ) )
>     2.5.13.29 (integerFirstComponentMatch): matchingRuleUse: ( 2.5.13.29
>
> NAME 'i
> ntegerFirstComponentMatch' APPLIES ( mailPreferenceOption $
> supportedLDAPVersion
>  ) )
>     2.5.13.27 (generalizedTimeMatch): matchingRuleUse: ( 2.5.13.27 NAME
> 'general
> izedTimeMatch' APPLIES ( modifyTimestamp $ createTimestamp ) )
>     2.5.13.24 (protocolInformationMatch): matchingRuleUse: ( 2.5.13.24
> NAME 'pro
> tocolInformationMatch' APPLIES protocolInformation )
>     2.5.13.23 (uniqueMemberMatch): matchingRuleUse: ( 2.5.13.23 NAME
> 'uniqueMemb
> erMatch' APPLIES uniqueMember )
>     2.5.13.22 (presentationAddressMatch): matchingRuleUse: ( 2.5.13.22
> NAME 'pre
> sentationAddressMatch' APPLIES presentationAddress )
>     2.5.13.20 (telephoneNumberMatch): matchingRuleUse: ( 2.5.13.20 NAME
> 'telepho
> neNumberMatch' APPLIES ( pager $ mobile $ homePhone $ telephoneNumber )
> )
>     2.5.13.17 (octetStringMatch): matchingRuleUse: ( 2.5.13.17 NAME
> 'octetString
> Match' APPLIES userPassword )
>     2.5.13.16 (bitStringMatch): matchingRuleUse: ( 2.5.13.16 NAME
> 'bitStringMatc
> h' APPLIES x500UniqueIdentifier )
>     2.5.13.14 (integerMatch): matchingRuleUse: ( 2.5.13.14 NAME
> 'integerMatch' A
> PPLIES ( mailPreferenceOption $ supportedLDAPVersion ) )
>     2.5.13.13 (booleanMatch): matchingRuleUse: ( 2.5.13.13 NAME
> 'booleanMatch' A
> PPLIES hasSubordinates )
>     2.5.13.11 (caseIgnoreListMatch): matchingRuleUse: ( 2.5.13.11 NAME
> 'caseIgno
> reListMatch' APPLIES ( homePostalAddress $ registeredAddress $
> postalAddress ) )
>     2.5.13.8 (numericStringMatch): matchingRuleUse: ( 2.5.13.8 NAME
> 'numericStri
> ngMatch' APPLIES ( internationaliSDNNumber $ x121Address ) )
>     2.5.13.7 (caseExactSubstringsMatch): matchingRuleUse: ( 2.5.13.7
> NAME 'caseE
> xactSubstringsMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber
>  ) )
>     2.5.13.6 (caseExactOrderingMatch): matchingRuleUse: ( 2.5.13.6 NAME
> 'caseExa
> ctOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber ) )
>     2.5.13.5 (caseExactMatch): matchingRuleUse: ( 2.5.13.5 NAME
> 'caseExactMatch'
>  APPLIES ( preferredLanguage $ employeeType $ employeeNumber $
> displayName $ dep
> artmentNumber $ carLicense $ documentPublisher $ buildingName $
> organizationalSt
> atus $ uniqueIdentifier $ co $ personalTitle $ documentLocation $
> documentVersio
> n $ documentTitle $ documentIdentifier $ host $ userClass $ roomNumber $
>  drink $
>  info $ textEncodedORAddress $ uid $ labeledURI $ dmdName $
> houseIdentifier $ dn
> Qualifier $ generationQualifier $ initials $ givenName $
> destinationIndicator $
> physicalDeliveryOfficeName $ postOfficeBox $ postalCode $
> businessCategory $ des
> cription $ title $ ou $ o $ street $ st $ l $ c $ serialNumber $ sn $
> knowledgeI
> nformation $ cn $ name $ ref $ vendorVersion $ vendorName $
> supportedSASLMechani
> sms ) )
>     2.5.13.3 (caseIgnoreOrderingMatch): matchingRuleUse: ( 2.5.13.3 NAME
>
> 'caseIg
> noreOrderingMatch' APPLIES ( dnQualifier $ destinationIndicator $
> serialNumber )
>  )
>     2.5.13.2 (caseIgnoreMatch): matchingRuleUse: ( 2.5.13.2 NAME
> 'caseIgnoreMatc
> h' APPLIES ( preferredLanguage $ employeeType $ employeeNumber $
> displayName $ d
> epartmentNumber $ carLicense $ documentPublisher $ buildingName $
> organizational
> Status $ uniqueIdentifier $ co $ personalTitle $ documentLocation $
> documentVers
> ion $ documentTitle $ documentIdentifier $ host $ userClass $ roomNumber
>  $ drink
>  $ info $ textEncodedORAddress $ uid $ labeledURI $ dmdName $
> houseIdentifier $
> dnQualifier $ generationQualifier $ initials $ givenName $
> destinationIndicator
> $ physicalDeliveryOfficeName $ postOfficeBox $ postalCode $
> businessCategory $ d
> escription $ title $ ou $ o $ street $ st $ l $ c $ serialNumber $ sn $
> knowledg
> eInformation $ cn $ name $ ref $ vendorVersion $ vendorName $
> supportedSASLMecha
> nisms ) )
>     2.5.13.1 (distinguishedNameMatch): matchingRuleUse: ( 2.5.13.1 NAME
> 'disting
> uishedNameMatch' APPLIES ( dITRedirect $ associatedName $ secretary $
> documentAu
> thor $ manager $ seeAlso $ roleOccupant $ owner $ member $
> distinguishedName $ a
> liasedObjectName $ namingContexts $ subschemaSubentry $ modifiersName $
> creators
> Name ) )
>     2.5.13.0 (objectIdentifierMatch): matchingRuleUse: ( 2.5.13.0 NAME
> 'objectId
> entifierMatch' APPLIES ( supportedApplicationContext $ supportedFeatures
>  $ suppo
> rtedExtension $ supportedControl $ structuralObjectClass $ objectClass )
> ) slapd startup: initiated.
> bdb_db_open: dbenv_open(/usr/local/var/openldap-data)
> slap_sig_shutdown: signal 15
>
>
> Thanks,
>
> Kathy
> kkoehler@comcast.net


===========
Alan Sparks, UNIX/Linux Systems Administrator    <asparks@doublesparks.net>