[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: cannot add DN b/c already exists, but it doesnt

With an older version of openldap, I believe 2.0.7, this was an
indication of index corruption.  I had two fixes.  One was to stop
LDAP, reindex, and restart.  Since this required shutting down LDAP, I
didn't like it.  The other was to modify part of an entry for a DN
which I knew existed, but the server said didn't exist.  This would
force the index to be reset, and then the DN would become normal
again.  Not sure if this relates to your problem, so your milage may

On Mon, Sep 23, 2002 at 08:39:47PM -0700, David Koopman wrote:
> I am having a problem where my 90,000 entry openldap-2.0.25 compiled on a
> RH 7.2 machine OS running db-4.1.24 on the backend.  I am using LDAP for
> qmail-ldap - storing email user accounts in LDAP.
> configured and installed ldap from source with only the --prefix=/var/ldap
> option.
> When I initially loaded ldap with data, I did so with a PHP script that
> reads data from a SQL database and loads openLDAP.  This went very
> smoothly, all 90,000 user's info loaded in about 1.5 hours!
> Now, all day long, users can make changes to their account, at whim.  I get
> about 100 account changes per hour -- so the LDAP database is constantly
> being queried and updated.  User can change their password, change vacation
> response, forwarding address, etc, etc.  For the most part everything is
> working well, until...
> About a week into the implementation, I look into my logs to see how things
> are going and there are 32 dns that absolutely will not update.  When I say
> update, I really mean add...  when a user makes a change, I delete their
> old dn, then add it back in.  Some are brand new, some are dns that existed
> before, but cannot be updated.  When I try to add the the user entry, ldap
> reports it cannot add because DN already exists.  If I try to delete the
> DN, ldap reports in cannot delete because DN does not exist.  This really
> messes things up.  Interestingly enough, I can add the user's information
> with a slightly different DN and it works fine.  So, I have a handful of
> DNs, 34 out of 90000, that I cannot use.  This is a problem for me because
> I use PHP to automate the user initiated changes...  the DNs I use have
> specific meaning.
> Has anyone seen anything like this?  What is the solution?  I have another
> machine that I am trying to duplicate the error on and I cannot.  On the
> other machine, I thought I had built it the same (same software) to the
> best of my knowledge.  I am running a script on it for 2 weeks now, non-
> stop, where I have a set of ~90,000 users in a SQL database...  I cyclce
> through all 90,000 in a loop...  for each user, I first delete their
> existing DN, then I create their DN with their information (very similar
> behavior to my production machine).  Like I said, this has been running for
> 2 weeks straight, non-stop updates, and I have not had one single error.
> This is really baffling me.
> Dave.

<>  Brynnen Owen            (     this space for rent                      )<>
<>  owen@uiuc.edu           (                                              )<>