[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: adding VLV support to OpenLDAP 2.4.31

To: Igor Shmukler <igor.shmukler@gmail.com>, Chris Card <ctcard@hotmail.com>
Subject: Re: adding VLV support to OpenLDAP 2.4.31
From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
Date: Wed, 12 Nov 2014 09:50:24 +0000
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <DUB125-W3EF825FBAAE57B9B8A5F9CC8E0@phx.gbl> <CAA1SNA3RY5=xfRcXCB5utkoyf4wCWH4MQsg_Md3UU16XrbSfPA@mail.gmail.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On Wed, Nov 12, 2014 at 01:02:36AM +0200, Igor Shmukler wrote:

> Interestingly, lsof does have the following entry:
> slapd   13310 openldap  mem    REG              202,1    26872 409681
> /usr/lib/ldap/sssvlv-2.4.so.2.8.3
> 
> Hence, it seems that sssvlv is loaded. At the same time, ldapsearch is
> telling me "VLV control requires server side sort control"

It would appear that the sssvlv *module* has loaded, but you still have to 
apply the overlay to the database that you want it to work on.

> Does this mean like Quanah said that my OpenLDAP from Ubuntu server is broken?

Not necessarily. Many people on this list dislike the way that some
of the major Linux distros build OpenLDAP and the old versions of
OpenLDAP that they use, so the default setup tends to get described as
'broken'. Quanah was also referring to the fact that you had hand-edited
a file under /etc/ldap/slapd.d/cn=config - that is a very risky thing
to do and you may have caused problems that way.

In this case I think it more likely that you just need to add the overlay
to the database.

On Wed, Nov 12, 2014 at 08:38:14AM +0000, Chris Card wrote:

> Date: Wed, 12 Nov 2014 08:38:14 +0000
> From: Chris Card <ctcard@hotmail.com>
> 
> dn: olcOverlay=sssvlv,olcDatabase={1}bdb,cn=config
> objectClass: olcSssVlvConfig
> olcOverlay: sssvlv
> olcSssVlvMax: 10
> olcSssVlvMaxKeys: 5
> 
> something like 
> 
> ldapadd -x -w <password> -D cn=config -f <ldif file>

As Chris says, ldapadd (or slapadd if the server is down) is the right
way to modify a config of this type. The exact LDIF required will
depend on your database setup: Chris has assumed that you want the
overlay on the first non-config database and that it is a bdb.
If your setup is different then the DN will have to change.

Note also that bdb is deprecated. If you continue to use the binaries
shipped with Ubuntu then you should at least consider swapping to hdb.
Ideally you should build the latest OpenLDAP from source and use mdb.
Changing to a different database type requires dumping all data to LDIF
text files and re-loading it in the new database, so this is not something
to be undertaken until you are more familiar with OpenLDAP.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

References:
- Re: adding VLV support to OpenLDAP 2.4.31
  - From: Igor Shmukler <igor.shmukler@gmail.com>

Prev by Date: Re: adding VLV support to OpenLDAP 2.4.31
Next by Date: Re: adding VLV support to OpenLDAP 2.4.31
Index(es):
- Chronological
- Thread