On Thursday 27 October 2005 14:52, C.Lee Taylor wrote: > Greetings ... > > It's been awhile since I have been on this list, so if things have > changed since last, please excuse me. > > I'm running a few Fedora Core 4-64 computers which LDAP for pam, nss > and Samba mainly, with web page access and control in the future for > internal use. > > For quite some time, we seem to be getting corrupt LDAP DB. 1)Your slapd.conf extract has no checkpoint directive, have you got a DB_CONFIG file in your db directory (/home/services/ldap/za/db). You should add both (after reviewing the docs on the FAQ-o-MATIC), and if you stick with 2.2.x, you need to run db_checkpoint via cron or similar. 2)I don't think the Fedora packages run db recovery automatically. > LDAP just > stops working and we can't restarted. Have done slap slapindex -v -c, > but that just hangs. Stop, slapd, and run database recovery ('slapd_db_recover -h /home/services/ldap/za/db' or similar), check the permissions on the db files, and start slapd. > > I have search the online archives and googled the net for any idea of > what might be causing this, but I'm yet to find a reason or means to fix > this. > > So, currently, we restart all the LDAP servers in readonly mode, dump > the DB and restart LDAP in normal mode. If a server falls overs, we > rsync a readonly DB over the broke LDAP and start working again. Well, a resync would be *much* easier with sync-repl ... trash the DB and restart it. But, you probably want 2.3.x for that .. > This has been a problem since FC3, and I have tried OpenLDAP since > 2.2.13 on FC3 to 2.2.26 on FC4 and even compiled some custom rpm > packages for 2.2.28 and 2.2.29 and still seem to be getting this problems. Get a better init script if you're going to stick with 2.2.x. 2.3.x does recovery itself when necessary (and > > Could I ask if somebody could help me trouble shoot this problem. > > > We currently use the slapd.conf that ships with FC and add for our DB's > ... > > database bdb > suffix "dc=leenx,dc=co,dc=za" > rootdn "cn=Manager,dc=leenx,dc=co,dc=za" > rootpw thiscouldbemysecret > directory /home/services/ldap/za/db > #cachesize 500000 > > lastmod on > schemacheck on > > If there is any more details that I could give, please let me know. FYI, I'm running the Mandriva 2.3.11 packages I maintain (and rebuild on RHEL3/RHEL4), you may want to take a look ... http://anorien.csc.warwick.ac.uk/mirrors/buchan/openldap/ I could be convinced to get an FC3 or FC4 chroot installed (x86 or x86_64). Regards, Buchan -- Buchan Milne ISP Systems Specialist B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
Attachment:
pgpHYRdCUbVk8.pgp
Description: PGP signature