--On Tuesday, March 29, 2005 8:39 PM +0530 Abhishek Daga <abhishek@ostech.biz> wrote: >> >> >> You should upgrade to the latest stable version of OpenLDAP. >> >> > Will do. I'm seeing this problem also, using openldap version 2.2.23. In my case, clearing things up requires the following steps: service ldap stop /usr/sbin/slapd_db_recover -h /var/lib/ldap service ldap start chown -R ldap.ldap /var/lib/ldap service ldap start For some reason, the db_recover deletes: -rw------- 1 ldap ldap 16384 Mar 28 22:22 __db.001 -rw------- 1 ldap ldap 278528 Mar 28 22:22 __db.002 -rw------- 1 ldap ldap 98304 Mar 28 22:22 __db.003 -rw------- 1 ldap ldap 450560 Mar 28 22:22 __db.004 -rw------- 1 ldap ldap 24576 Mar 28 22:22 __db.005 and the first service ldap start creates them owned by root, then, ldap dies because they are owned by root and not ldap. The second service ldap start starts the ldap daemon. >> What attributes do you use in all your filters? >> Do you see any "index_param failed (18)" errors in your ldap logs? >> >> >> > No, do not see that error. > I also have none of these errors. > >> I don't see any "cachesize" or "idlcachesize" directive in your >> slapd.conf. You should definitely set them. >> > Any default or "safe" values for it? > My slapd.conf contains the following for the database configuration: database bdb suffix "dc=bluewater-aquatics,dc=com" rootdn "cn=root,dc=bluewater-aquatics,dc=com" # Entry Cache Size (number of entries) cachesize 5000 # Transactional checkpoint # kbytes minutes checkpoint 512 5 # Cleartext passwords, especially for the rootdn, should # be avoided. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw <removed for security> # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /var/lib/ldap # Indices to maintain for this database index objectClass eq,pres index ou,cn,mail,givenname eq,pres,sub index gecos,sn,employeetype eq,pres,sub index authorizedService eq,pres index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub I don't know about idlcachesize... What is a reasonable value to put there? It is not documented or even mentioned in my slapd.conf(5) manpage. Is it new to 2.2.24? >> What about your DB_CONFIG file? It should be in your folder >> /usr/local/var/openldap-data. >> >> > This file does not exist in this location nor at any other location? am i > wrong? > In my case, should this file go in /var/lib/ldap? I haven't found a lot of documentation on this file, and, what I've found leads me to believe that is the proper location. Also, are the following reasonable contents for that file? # In Memory Cache Size set_cachesize 0 8388608 0 # Database Flags #set_flags DB_TXN_NOSYNC # Don't immediately flush txn logs. Dangerous # Log Values set_lg_regionmax 1048576 set_lg_max 10485760 set_lg_bsize 2097152 set_lg_dir /var/lib/ldap/bdb-logs # Temporary file location set_tmp_dir /tmp Thanks, Owen -- If it wasn't crypto-signed, it probably didn't come from me.
Attachment:
pgpGaxJXOIZR4.pgp
Description: PGP signature