[Date Prev][Date Next] [Chronological] [Thread] [Top]

HELP: Continuing Openldap Database Corruption!



Hey All,
We are running openldap 2.1.22 w/ BDB 4.1.25 on two boxes (master adn slave). Lately once a week the databases seem to be getting corrupted on both boxes. Symptoms of these corruptions range from REALLY slow searches, to slapd completely spiraling out of control, becoming unaccessible and bringing server load to 14 (usual load is .1). Most times slapcat/slapadding will fix the problem, although a couple times even this hasnt worked (slapcat freezes at a point or dumps nothing). Thus far db_recover -v has fixed the problem when slapcat/slapadd hasnt.


Anyway, we dont have a monstrous load on either of our servers (server load on both usually hovers around .1). Does anyone have any idea why this happening? Im incuding our slapd.conf file below.

Thanks,
Lee



# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /export/openldap/etc/schema/core.schema
include /export/openldap/etc/schema/misc.schema
include /export/openldap/etc/schema/cosine.schema
include /export/openldap/etc/schema/inetorgperson.schema
include /export/openldap/etc/schema/horde.schema


# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/local/libexec/openldap
# moduleload    back_ldap.la
# moduleload    back_ldbm.la
# moduleload    back_passwd.la
# moduleload    back_shell.la

# Define global ACLs to disable default read access.
#defaultaccess none

# ... omitted ACL stuff ... #

database        bdb
suffix          "dc=domain,dc=com"
rootdn          "cn=Manager,ou=software,dc=domain,dc=com"

# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          {SSHA}jklljkkljkljkljkljlkjlkjlkjkljkljkljlkjjlkjkl

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory       /export/openldap/var/openldap-bdb

index default pres,eq
index objectClass,uid,publicEmailAddress,domainName,emailServiceRenewal pres,eq
index cn pres,eq,sub


loglevel 0

# TLS / SSL
#TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /export/openldap/etc/ldapcert.pem
TLSCertificateKeyFile /export/openldap/etc/ldapkey.pem
TLSCACertificateFile /export/openldap/etc/demoCA/cacert.pem

replogfile /export/openldap/replog

replica host=host2.com:389
        binddn="cn=whatever,dc=com"
        bindmethod=simple credentials=password