[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
HELP: Continuing Openldap Database Corruption!
Hey All,
We are running openldap 2.1.22 w/ BDB 4.1.25 on two boxes (master adn
slave). Lately once a week the databases seem to be getting corrupted
on both boxes. Symptoms of these corruptions range from REALLY slow
searches, to slapd completely spiraling out of control, becoming
unaccessible and bringing server load to 14 (usual load is .1). Most
times slapcat/slapadding will fix the problem, although a couple times
even this hasnt worked (slapcat freezes at a point or dumps nothing).
Thus far db_recover -v has fixed the problem when slapcat/slapadd
hasnt.
Anyway, we dont have a monstrous load on either of our servers (server
load on both usually hovers around .1). Does anyone have any idea why
this happening? Im incuding our slapd.conf file below.
Thanks,
Lee
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27
20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /export/openldap/etc/schema/core.schema
include /export/openldap/etc/schema/misc.schema
include /export/openldap/etc/schema/cosine.schema
include /export/openldap/etc/schema/inetorgperson.schema
include /export/openldap/etc/schema/horde.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Define global ACLs to disable default read access.
#defaultaccess none
# ... omitted ACL stuff ... #
database bdb
suffix "dc=domain,dc=com"
rootdn "cn=Manager,ou=software,dc=domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw {SSHA}jklljkkljkljkljkljlkjlkjlkjkljkljkljlkjjlkjkl
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /export/openldap/var/openldap-bdb
index default pres,eq
index objectClass,uid,publicEmailAddress,domainName,emailServiceRenewal
pres,eq
index cn pres,eq,sub
loglevel 0
# TLS / SSL
#TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /export/openldap/etc/ldapcert.pem
TLSCertificateKeyFile /export/openldap/etc/ldapkey.pem
TLSCACertificateFile /export/openldap/etc/demoCA/cacert.pem
replogfile /export/openldap/replog
replica host=host2.com:389
binddn="cn=whatever,dc=com"
bindmethod=simple credentials=password