Hello list,
I've been recently experimenting with
the valsort overlay. After enabling it on the servers in our test environment
they became unresponsive after a few minutes and a simple "top"
showed a 100% cpu utilization on the machines.
Before filing an ITS I thought I'd first
post my problem here. Maybe it's just something as simple as a misplaced
configuration directive. Therefor I've included the relevant information
below.
The test-servers only have about 100
entries and usually no more than half a dozen clients access them simultaneously.
OpenLDAP Version: 2.3.30
BerkeleyDB: 4.2.52 + 5 patches
OS: RHES 2.1 and 3.0
Relevant slapd.conf parts:
... <ACL's, TLS opts, other global
stuff> ...
...
overlay chain
chain-uri
"ldap://<...>"
chain-idassert-bind
bindmethod=sasl binddn="<...>" saslmech=external
mode=self
chain-tls
start
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix
"dc=o2online,dc=de"
rootdn
<...>
rootpw
{SSHA}<...>
directory /var/lib/ldap/openldap-data
index objectClass
eq
index entryCSN
eq
index entryUUID
eq
index sudoUser
pres,eq,sub
index uid,cn
pres,eq,sub
index uidNumber
eq
index gidNumber
eq
index memberUid
eq
index uniqueMember
eq
index host
eq
## Syncrepl provider settings
#overlay syncprov
#syncprov-checkpoint
50 5
#syncprov-sessionlog
1000
# Syncrepl consumer settings
syncrepl rid=100
provider=ldap://<...>
type=refreshAndPersist
interval=00:00:00:10
retry="60
10 300 +"
searchbase="dc=o2online,dc=de"
filter="(objectclass=*)"
scope=sub
attrs="*,+"
schemachecking=on
starttls=critical
bindmethod=sasl
saslmech="external"
updateref ldap://<...>
limits dn.exact="<...>"
size=unlimited time=unlimited
cachesize 10000
idlcachesize 30000
checkpoint 1024
5
overlay unique
unique_base
"dc=o2online,dc=de"
unique_attributes
uid uidNumber
overlay dynlist
dynlist-attrset
extensibleObject memberURL
uniqueMember
overlay valsort
valsort-attr uniqueMember dc=o2online,dc=de
alpha-ascend
valsort-attr host dc=o2online,dc=de
alpha-ascend
authz-policy to
authz-regexp
email=<...>
cn=<...>
Any help or hints would be much apreciated.
With kind regards
Michael Heep