---------- Forwarded message ----------
From:
Marco Pizzoli <marco.pizzoli@gmail.com>
Date: Thu, Sep 16, 2010 at 1:07 PM
Subject: Re: Searched Attr=1.1
To: Dieter Kluenter <
dieter@dkluenter.de>
Cc:
openldap-technical@openldap.org
Hi Dieter,
thanks for your answer.
I came to this evidence in investigating an anomaly that I'm having with my accesslog database.
Symptom I was having was continuous high cpu spot. I suspected it was due to my accesslog database.
- I made a slapcat of my entire log database.
- I erased my log database
- I tried a slapadd of my log database
I had this problem:
/usr/sbin/slapadd -b "cn=log,dc=mycorp.it" -l /srv/bck/dump_db_log.ldif.20100916
.
0.00% eta 08h35m elapsed spd 90.2 k/s str2entry:
invalid value for attributeType reqControls #0 (syntax
1.3.6.1.4.1.4203.666.11.5.3.1)
slapadd2.4: could not parse entry (line=4907)
- 0.01% eta 05h58m elapsed spd 205.7 k/s
Closing DB...
I went to that line and found this entry:
dn: reqStart=20100913065628.000008Z,cn=log,dc=mycorp.it
objectClass: auditSearch
structuralObjectClass: auditSearch
reqStart: 20100913065628.000008Z
reqEnd: 20100913065628.000009Z
reqType: search
reqSession: 1129
reqAuthzID: cn=syncrepl-ldap04,ou=utenze_tecniche_openldap,ou=Gestori,dc=mycorp.it
reqControls: {0}{1.3.6.1.4.1.4203.1.9.1.1 controlValue "30440K0103043M7269643N
3030332M7369643N3030342M63736O3N32303130303931333036353130362O3932343735355K2
330303030303023303033233030303030300001PP"}
reqControls: {1}{2.16.840.1.113730.3.4.2 criticality TRUE}
reqDN: dc=mycorp.it
reqResult: 0
reqScope: base
reqDerefAliases: never
reqAttrsOnly: TRUE
reqFilter: (objectclass=*)
reqAttr: 1.1
reqEntries: 0
reqTimeLimit: -1
reqSizeLimit: 1
entryUUID: 2beb0bd0-ba32-4a00-93da-748ef2177cc7
creatorsName: cn=Manager,cn=log,dc=mycorp.it
createTimestamp: 20100913065628Z
entryCSN: 20100913065628.167225Z#000000#003#000000
modifiersName: cn=Manager,cn=log,dc=mycorp.it
modifyTimestamp: 20100913065628Z
Can someone tell me why this entry result not accepted to my openldap system?
I'm using OL 2.4.23 with password policy overlay defined.
The entry I posted is related to an access made by a specific syncrepl-user. Replica configured in mirror-mode.
Other OL systems are 2.4.22.
Deleting this entry and re-slapadding I had another similar problem.
/usr/sbin/slapadd2.4 -b "cn=log,dc=mycorp.it" -l /tmp/dump_db_log.ldif.20100916_Corrected
"
4.69% eta 01h07m elapsed 03m19s spd 542.3 k/s str2entry:
invalid value for attributeType reqRespControls #0 (syntax
1.3.6.1.4.1.4203.666.11.5.3.1)
slapadd2.4: could not parse entry (line=3099715)
* 4.70% eta 01h07m elapsed 03m20s spd 979.8 k/s
Closing DB...
The entry affected is this one:
dn: reqStart=20100913093021.000000Z,cn=log,dc=mycorp.it
objectClass: auditBind
structuralObjectClass: auditBind
reqStart: 20100913093021.000000Z
reqEnd: 20100913093021.000001Z
reqType: bind
reqSession: 2746
reqAuthzID:
reqControls: {0}{1.3.6.1.4.1.42.2.27.8.5.1}
reqRespControls: {0}{1.3.6.1.4.1.42.2.27.8.5.1 controlValue "3000"}
reqDN: uid=pe1597,ou=People,dc=mycorp.it
reqResult: 0
reqVersion: 3
reqMethod: SIMPLE
entryUUID: 192cbddf-4b5c-431d-a92e-c2f84fa4b7be
creatorsName: cn=Manager,cn=log,dc=mycorp.it
createTimestamp: 20100913093021Z
entryCSN: 20100913093021.411398Z#000000#003#000000
modifiersName: cn=Manager,cn=log,dc=mycorp.it
modifyTimestamp: 20100913093021Z
Any help is appreciated.
Thanks
Marco
On Thu, Sep 16, 2010 at 12:27 PM, Dieter Kluenter
<dieter@dkluenter.de> wrote:
Marco Pizzoli <
marco.pizzoli@gmail.com> writes:
> Hi list,
> I found some entries in my OL logs about searches for attribute "1.1". I've
> seen that the requester is the user used for the replication (syncrepl).
>
> Can anyone explain to me what this kind of attribute is this?
>
> conn=0 op=3 SRCH attr=1.1
-Dieter
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
--
_________________________________________
Non è forte chi non cade, ma chi cadendo ha la forza di rialzarsi.
Jim Morrison