
ldap falls without logs



Hi list,
I'm using Debian lenny [1] with OpenLDAP 2.4.11, and in many cases
LDAP simply falls (stops) without logging any information. My slapd.conf is:

# Global Directives:
# These settings apply to the whole slapd server, not to a single database.

# Features to permit
# NOTE(review): bind_v2 accepts binds that use the obsolete LDAPv2 protocol;
# keep it only if a legacy client still depends on it.
allow bind_v2

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/inetorgperson.schema
include         /etc/ldap/schema/java.schema
include         /etc/ldap/schema/misc.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/openldap.schema
include         /etc/ldap/schema/samba.schema
include         /etc/ldap/schema/qmail.schema
include         /etc/ldap/schema/authldap.schema
include         /etc/ldap/schema/RADIUS-LDAPv3.schema
include         /etc/ldap/schema/ppolicy.schema

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd/slapd.args

# Read slapd.conf(5) for possible values
# 256 is the "stats" level: connections, operations and results.
# slapd hands these messages to syslog (facility LOCAL4 by default), so they
# reach a file only if the syslog daemon has a rule for that facility.
# NOTE(review): an abnormal exit of the process is not an LDAP operation and
# may leave no entry at this level -- confirm the syslog routing first.
loglevel        256

# Where the dynamically loaded modules are stored
# NOTE(review): ppolicy and back_ldap are loaded, but no "overlay ppolicy" or
# "database ldap" line appears in the configuration shown, so nothing visible
# here uses them.
modulepath      /usr/lib/ldap
moduleload      syncprov
moduleload      back_monitor
moduleload      back_bdb
moduleload      ppolicy
moduleload      unique
moduleload      back_ldap

# TLS
# "demand" makes slapd require a valid client certificate on every TLS
# session; client certificates are checked against whatever CA certificate(s)
# server.pem contains.
# NOTE(review): the CA file, the server certificate and the private key all
# point at the same server.pem. That file therefore holds the private key and
# should be readable only by the account slapd runs as; a separate CA file
# avoids distributing key material to anything that only needs the CA cert.
# NOTE(review): these directives matter only for StartTLS or ldaps://
# connections; the listener URLs are not shown here.
TLSVerifyClient demand
TLSCACertificateFile    /etc/ldap/ssl/server.pem
TLSCertificateFile      /etc/ldap/ssl/server.pem
TLSCertificateKeyFile   /etc/ldap/ssl/server.pem

# The tool-threads parameter sets the actual amount of cpu's that is used
# for indexing.
tool-threads    16
# Maximum size of slapd's primary worker thread pool.
threads         32
#######################################################################
# Specific Backend Directives for bdb (the template text said hdb):
# Backend specific directives apply to this backend until another
# 'backend' directive occurs

backend         bdb
#######################################################################
# Specific Backend Directives for 'other':
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
#backend                <other>

#######################################################################
# Specific Directives for database #1, of type bdb (the template text said hdb):
# Database specific directives apply to this database until another
# 'database' directive occurs
# The monitor database is declared with no directives of its own, because the
# next 'database' line follows immediately; everything below belongs to bdb.
# NOTE(review): with no ACL of its own, cn=Monitor presumably falls back to
# slapd's default access policy -- confirm who is able to read it.
database        monitor
database        bdb

# The base of your directory in database #1
# NOTE(review): rootpw is stored in cleartext here (the value shown looks like
# a placeholder). slapd.conf(5) also accepts a hashed value as produced by
# slappasswd(8); either way this file should not be world-readable.
# The rootdn is not subject to the ACLs further down.
suffix          "dc=xxx,dc=com,dc=br"
rootdn          "cn=suporte,dc=xxx,dc=com,dc=br"
rootpw          blablabla
# unique overlay: reject writes that would give two entries in the subtree
# the same 'mail' value.
overlay         unique
unique_uri      ldap:///?mail?sub?
# syncprov overlay: makes this database a syncrepl provider. The checkpoint
# is written every 100 operations or 10 minutes; the session log keeps 100
# operations.
overlay         syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

# Where the database files are physically stored for database #1
directory       "/var/lib/ldap"
# Seconds before an idle client connection is closed by the server.
idletimeout     30
# Checkpoint the BDB transaction log every 128 kbytes written or 15 minutes.
checkpoint      128     15
# Number of entries kept in the in-memory entry cache.
cachesize       100000
lastmod         on
# NOTE(review): no cap on the number of entries a search may return. Together
# with the catch-all read ACL of this database, one search can return the
# whole subtree; consider a finite limit for non-privileged identities.
sizelimit unlimited

# Attribute indexes maintained for the bdb database:
# eq = equality, pres = presence, sub = substring.
index   objectClass     eq
index   cn              pres,sub,eq
index   sn              pres,sub,eq
index   uid             pres,sub,eq
index   displayName     pres,sub,eq
index   uniqueMember    eq
index   uidNumber       eq
index   gidNumber       eq
index   memberUID       eq
index   mailAlternateAddress    eq
index   MailForwardingAddress   eq
index   mail    pres,sub,eq
# 'default' sets the index types used by index lines that name attributes
# without a type list; every index line shown here gives explicit types.
index   default sub
index   sambaSID,sambaPrimaryGroupSID,sambaDomainName   eq
index   sambaSIDList,sambaGroupType     eq
index   givenName       pres,sub,eq
index   homePhone       eq
index   shadowExpire,shadowLastChange,shadowMax,shadowWarning   eq
# entryCSN and entryUUID are the attributes syncrepl searches filter on.
index   entryCSN,entryUUID      eq

# Ensure read access to the base for things like
# supportedSASLMechanisms.  Without this you may
# have problems with SASL not knowing what
# mechanisms are available and the like.
# Note that this is covered by the 'access to *'
# ACL below too but if you change that as people
# are wont to do you'll still need this if you
# want SASL (and possible other things) to work
# happily.
# NOTE(review): the dedicated root DSE rule that the text above describes is
# not present in the configuration shown; only the catch-all rule remains.

# ACLs
# Rule 1 -- password attributes: the entry's owner may write them, anonymous
# clients may use them only to authenticate a bind, everyone else gets nothing.
# NOTE(review): 'write' implies read in slapd's access levels, so an owner can
# also read back its own stored hashes.
# NOTE(review): only the three attributes listed are protected. Any other
# sensitive attribute in use (for example sambaPasswordHistory from the Samba
# schema, if populated) falls through to the catch-all rule -- confirm.
# NOTE(review): neither rule requires TLS or a minimum security strength, so
# a simple bind over a cleartext connection is presumably accepted -- confirm.
access  to attrs=userPassword,sambaLMPassword,sambaNTPassword
        by self write
        by anonymous auth
        by * none

# Rule 2 -- everything else is readable by every client, anonymous included.
access to *
        by * read


P.S. note that the loglevel is 256 and I have no record of trouble.

[1]. Linux ldap 2.6.26-2-686 #1 SMP Wed Aug 19 06:06:52 UTC 2009 i686
GNU/Linux
-- 
Márcio Luciano Donada <mdonada -at- auroraalimentos -dot- com -dot- br>
Aurora Alimentos - Cooperativa Central Oeste Catarinense
Departamento de T.I.