Hi,
I'm trying to configure access logging in my OpenLDAP server (version is
2.3.27) using slapo-accesslog overlay.
In slapd.conf I have configured accesslog database according to manual:
database bdb
suffix "cn=accesslog"
rootdn "cn=root,cn=accesslog"
rootpw accesslog
index reqStart eq
database bdb
suffix "dc=main_domain,dc=com"
checkpoint 1024 5
cachesize 10000
rootdn "cn=Administrator,dc=main_domain,dc=com"
overlay accesslog
logdb "cn=accesslog"
logops writes
logold (objectclass=person)
In previous version of slapd.conf there was also slapo-refint overlay
enabled to support 'uniqueMember' attribute update after member entry is
renamed or deleted:
overlay refint
refint_attributes uniqueMember
After turning on access logging I inspect the following problem:
I create 2 users (objectclass=person) and a group
(objectclass=groupOfUniqueNames), then I add both users to that group. Next
I'm trying to rename (or delete) one of the member users and... LDAP hangs
up with no response. When I connect once again, then I see that action was
performed (user is renamed or deleted, but old member reference is present
in group attributes). However, I'm not able to modify directory (that is to
add some new entry) LDAP hangs up on any attempt and only OpenLDAP restart
helps.
Last note is that this problem appears only when both accesslog and refint
are enabled. Separately they are working as expected.
Does anybody have an idea about the reason of such problem?
Thanks in advance,
Alina.