[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap search problem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Karolis Dautartas wrote:
|
| BM> Karolis Dautartas wrote:
| BM> | hi,
| BM> |
| BM> | I am running an email server with it's user DB stored in LDAP.
| BM> | I am writing to this list because I believe my problem is related to
| BM> | LDAP, not the email software.
| BM> |
| BM> | The problem in general is very simple. Sometimes LDAP searches
return
| BM> | 0 results, although they should definately return exactly 1 result.
| BM> | When this happens, a POP3 user auth would fail and he would be asked
| BM> | for a new password.
| BM> |
| BM> | I have noticed, that these search failures are related to other
| BM> | activity on the server. Say if I am running a "make all" command in
| BM> | PHP directory, LDAP would not be able to perform searches. The
server
| BM> | load isn't at all high at these moments - around 0.7 or so.
| BM> |
| BM> | Has anyone experienced anything like this, and what are possible
| BM> | solutions?
| BM> |
| BM> | I am using Fedora and openldap-2.1.29-1 RPM version.
|
| BM> We can't give any advice (besides "don't compile software on
production
| BM> servers") without more detail. Your slapd.conf would be a start (of
| BM> course, remove the rootpw from it if necessary).
|
| the problem appears not only when I compile things. "make" was just
| one example. slapd.conf follows:
|
| --- start slapd.conf ---
|
| ###
| ### Global options
| ###
|
| include /etc/openldap/schema/core.schema
| include /etc/openldap/schema/cosine.schema
| include /etc/openldap/schema/inetorgperson.schema
| include /etc/openldap/schema/nis.schema
| include /etc/openldap/schema/redhat/autofs.schema
| include /etc/openldap/schema/qmail.schema
| include /etc/openldap/schema/clmu.schema
| include /etc/openldap/schema/pubuser.schema
| include /etc/openldap/schema/horde.schema
|
|
| loglevel 288
| pidfile /var/run/slapd.pid
|
| allow bind_v2
|
| ###
| ### Backend options
| ###
|
| backend bdb
|
| ###
| ### Database options
| ###
|
| database bdb
| suffix "ou=mail"
| rootdn "cn=root,ou=mail"
| rootpw *********************************
| directory /var/lib/ldap
|
No indexes, not BDB tuning, of course you will have performance problems
(especially IO-related), slapd has to read the whole database to find
one entry in your database.
Please, read the slapd-bdb man page (see the coverage of the index
directive) as well as the documentation in the FAQ-o-matic regarding
performance tuning and your chosen database backend:
http://www.openldap.org/faq/data/cache/190.html
You most likely don't have a DB_CONFIG file in your database directory
either, see:
http://www.openldap.org/faq/data/cache/1072.html
http://www.openldap.org/faq/data/cache/893.html
P.S. Please reply to the list unless you want an invoice ...
Regards,
Buchan
- --
Buchan Milne Senior Support Technician
Obsidian Systems http://www.obsidian.co.za
B.Eng RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBuDNlrJK6UGDSBKcRApmDAJ43iuspQHAdjzSIqt1oW45N/JN+0ACeLxzD
eHj0UfWk8RxDWcyQvNcAnX8=
=21gO
-----END PGP SIGNATURE-----