[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
occasional user entry being deleted
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: occasional user entry being deleted
- From: Al <afrunning@gmail.com>
- Date: Tue, 20 Jan 2015 09:38:35 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=JOnJ7WUpP6un/smSjjPyUmn2I8T7mrhahIJXqcCVmqQ=; b=bgKwoQGIER4fY0Xs3g7R4qKTgHaREytWMbvgfNP9Hd/K+QfmjsNLAGReIEuGogVvBz JaDuxrSfFvFB3GSyDX4SN3K2kUMMVGY3DTBOXVvsjvDAzSH2qakk6vuDOVmqccezqX8B XU/WiMQKNI4r+Wp5IRz+9669xyhjy3IS2vn9koGWzrfhTIjKT6eiHY9si84/xdjlle48 4lK7wyFKeQA46+WWoB6RCyM7z9XLH3KKjk38arw+lvv8nUs6poNiM/+spL/0YPI0MHEY mP+jS60Oy6TrAStGjsmKaR7l1REcwykNY7VF9SSChJrLesRPh0sRw1eSnLdgHQayU3rg OtRw==
Hi All -
I'm having an odd issue where on a rare occasion (a couple of times a
week), a new LDAP user entry is being deleted shortly after it is
created. Sometimes it happens within a few minutes, sometimes it
happens within an hour or so.
I have a 4 way multi-master setup, with all writes being directed at a
single server with a load balancer. I have the auditlog enabled (from
failed attempts at delta sync) and I see auditDelete entries in the
auditdb, but its being executed from the internal admin user, not a
"real" user. I do not see anything suspect in my system logs running
at the normal loglevel.
I'm running 2.4.39 on Redhat 6, x64 with mdb. Below is a snippet of
my configuration from the specific database in question. Does anyone
know why this might be occurring? Any idea on how to further
troubleshoot this issue?
Thanks in advance -
Al
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /PATH/TO/OPENLDAP/var/openldap-data
olcSuffix: dc=company,dc=com
olcAddContentAcl: FALSE
olcLastMod: TRUE
olcLimits: {0}dn.base="XXXXXXX" size.soft=unlimited
size.hard=unlimited time.soft=unlimited time.hard=unlimited
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcRootDN: cn=Manager,dc=company,dc=com
olcRootPW:: XXXXXXXXX
olcSyncUseSubentry: FALSE
olcMirrorMode: TRUE
olcMonitoring: TRUE
olcDbCheckpoint: 512 5
olcDbNoSync: TRUE
olcDbIndex: objectClass eq
olcDbIndex: entryUUID eq
olcDbIndex: entryCSN eq
olcDbIndex: cn pres,eq,sub
olcDbIndex: uid eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: uniqueMember eq
olcDbIndex: nisNetgroupTriple eq
olcDbIndex: sudoUser eq,sub
olcDbIndex: mail eq
olcDbIndex: pwmToken eq,sub
olcDbIndex: memberOf eq
olcDbMaxSize: 25000000000
olcDbMode: 0600
structuralObjectClass: olcMdbConfig
entryUUID: xxxx-xxxx-xxxxx-xxxxx
creatorsName: cn=config
createTimestamp: 20111014131247Z
olcSyncrepl: {0}rid=011 provider=ldap://server1:21389/ bind
method=simple timeout=0 network-timeout=0 binddn="XXXXXXX"
credentials="XXXX" keepalive=0:0:0 startt
ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com"
scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30
olcSyncrepl: {1}rid=012 provider=ldap://server2:21389/ bind
method=simple timeout=0 network-timeout=0 binddn="XXXXXXX"
credentials="XXXX" keepalive=0:0:0 startt
ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com"
scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30
olcSyncrepl: {2}rid=013 provider=ldap://server3:21389/ bind
method=simple timeout=0 network-timeout=0 binddn="XXXXXXX"
credentials="XXXX" keepalive=0:0:0 startt
ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com"
scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30
olcSyncrepl: {3}rid=014 provider=ldap://server4:21389/ bind
method=simple timeout=0 network-timeout=0 binddn="XXXXXXX"
credentials="XXXX" keepalive=0:0:0 startt
ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com"
scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30
entryCSN: 20140924095732.634049Z#000000#001#000000
modifiersName: cn=Manager,cn=config
modifyTimestamp: 20140924095732Z