[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: dnMatch flooding logs and access blocked

Seriously, I need help.
Can anyone help me?

None of the avenues I have looked into have amounted to anything.
The logging is not helping.  I believe whatever is happening is supposed to be happening but when it does blocking occurs.
I have commented out all of the syncing properties in slapd.conf
I do still have "checkpoint 1024 15" enabled.

I am pretty desperate for help and I have not had a response from anyone on any site I have posted this.
I have been searching for an direction for a couple weeks now, I'm not asking for an answer just a direction on where I maybe should look.


From: Al Dispennette <al.dispennette@clairmail.com>
Date: Tue, 4 Dec 2012 10:32:40 -0800
To: <openldap-technical@openldap.org>
Subject: Re: dnMatch flooding logs and access blocked

So I downloaded the openldap source and looked at the places where the debug output logs the message below.
That being said it looks like it is happening during some group entry modification.

I am not that knowledgeable with ldap so I have another question related to the blocking that is occurring.
So the situation is this, in my application I allow users to update their usernames and password.
For the username update I copy the user into a cloned object delete the entry from ldap and then add the cloned object with the new username to ldap.
As for the password I simply update the password attribute.

Is there something in the removal and addition of the user object that is causing the group to need to be reindexed or the cache to be reloaded or anything that may cause the blocking that I am seeing?

I changed the log level from 255 to 3 so I should see some different debug output, but until this occurs again does anyone have any insight or knowledge that could help me.


Al Dispennette

From: Al Dispennette <al.dispennette@clairmail.com>
Date: Mon, 3 Dec 2012 14:35:44 -0800
To: <openldap-technical@openldap.org>
Subject: dnMatch flooding logs and access blocked


I am seeing the following get repeated in my slapd logs for hundreds of line.  I know it is due to the logging level.

However, when this starts happening no one can access the server because what ever is logging this is blocking.

Can anyone tell me what is causing this log entry?

slapd[20616]: dnMatch -1#012#011"uid=item1,ou=users,dc=example,dc=com"#012#011"uid=user,ou=users,dc=example,dc=com"

slapd[20616]: dnMatch 2#012#011"uid=item2,ou=users,dc=example,dc=com"#012#011"uid=user,ou=users,dc=example,dc=com"

slapd[20616]: dnMatch 2#012#011"uid=item3,ou=users,dc=example,dc=com"#012#011"uid=user,ou=users,dc=example,dc=com"

slapd[20616]: dnMatch -2#012#011"uid=item4,ou=users,dc=example,dc=com"#012#011"uid=user,ou=users,dc=example,dc=com"

slapd[20616]: dnMatch -1#012#011"uid=item5,ou=users,dc=example,dc=com"#012#011"uid=user,ou=users,dc=example,dc=com"

slapd[20616]: dnMatch -2#012#011"uid=item6,ou=users,dc=example,dc=com"#012#011"uid=user,ou=users,dc=example,dc=com"

Al Dispennette