[Date Prev][Date Next] [Chronological] [Thread] [Top]

openldap server startup delay

Hi listers

version on the main server: openldap-2.2.17

on this site, we use openldap to manage the entire mail system. we do a backup of the directory each night at 1 o'clock. the ldap service is distributed on three servers, which are kept synced by the slurp daemon.

Before doing the backup, we restart the main openldap server with a configuration with "readonly on" set for the directory database:
/etc/init.d/ldap.readonly restart

Then we do

/usr/local/openldap/sbin/slapcat -f /usr/local/openldap/etc/openldap/slapd.conf -l $HOME/backup/backup_file

After having done that, we restart the openldap server with a configuration with "readonly off" set for the directory database:
/etc/init.d/ldap restart

This means: we are using the normal restart procedure from the /etc/init.d directory, because the openldap server may not have (?) a reload feature via the SIGHUP signal to make it reread the config-file.

Every now and then, we get a message from the postfix server, that the ldap server has not been accessible, when it tried to retrieve mail-parameters in the time between 1.00 and 1.09 in the night ("temporary lookup failure"), which means that the openldap server during this time cannot be accessed. This seems a very long time (9 minutes).

my questions:

can i set and clear the readonly flag for the directory using a direct command to the server, in order not to have to restart the server twice?

can i omit to set the readonly flag altogether before doing the slapcat?

is there another method to restart the openldap server much faster than via this method? e.g. can i send the openldap server a SIGHUP flag directly and not go through the /etc/init.d/ldap restart procedure?

any reply will be appreciated, thanks in adwance.