Re: ldap backend + ldapi (fwd)

[Dieter Kluenter <dieter@dkluenter.de>]

Daniel Henninger <daniel@unity.ncsu.edu> writes:

>>> 777 which is not default on many systems.
>>
>> Sorry my mistake, it has to be world writeable, but the mod is
>> identical 777.
>
> Well, the odd thing about this is, it "was" working, and then, at one
> point, stopped working.  =)  I never touched the permissions, but you are
> correct, it's not set world writable.  I wonder why it worked before?
> (it's almost like it had a 'slow leak' somewhere, because it took about a
> day before the ldapi connection stopped behaving)
>
>
>
> As it turns out, ldap://localhost/ is also failing.  It never happens
> immediately, but "at some point", the ldap backend stops bothering to
> do anything it seems.  Anyone have any suggestions?  Basically the
> whole purposes of this is to make o=NCSU,c=US continue to work while
> our new base dn is dc=ncsu,dc=edu.  Ideally I'd like to be able to
> have both work "forever".  Any suggestions?  I'm out of ideas as to
> how to get the ldap backend to be stable.  =/  I can not make sense of
> when it elects to die. It doesn't seem to be easily reproducable.

Frankly, I'm at present using back-ldap with proxycache over ldapi for
postfix authentication and mailrouting, the uptime is now 38 days.I
must admit that it is an elder HEAD version. But even with 2.1.13
back-meta with a few rewriting rules was rock stable, but without
proxycache at that time. While back-ldap has about 4 search requests
per minute, the server (2.2.14) answers more than 40 search requests per
minute, as it primarily supports pam and an addressbook.

-Dieter
-- 
Dieter Klünter | Systemberatung
Tel.: +49.40.64861967
Fax : +49.40.64891521
http://www.avci.de