Hi, I'm trying to configure access logging in my OpenLDAP server (version is 2.3.27) using slapo-accesslog overlay. In slapd.conf I have configured accesslog database according to manual:
database bdb suffix "cn=accesslog" rootdn "cn=root,cn=accesslog" rootpw accesslog index reqStart eq
database bdb suffix "dc=main_domain,dc=com" checkpoint 1024 5 cachesize 10000 rootdn "cn=Administrator,dc=main_domain,dc=com" overlay accesslog logdb "cn=accesslog" logops writes logold (objectclass=person)
In previous version of slapd.conf there was also slapo-refint overlay enabled to support 'uniqueMember' attribute update after member entry is renamed or deleted:
overlay refint refint_attributes uniqueMember
After turning on access logging I inspect the following problem: I create 2 users (objectclass=person) and a group (objectclass=groupOfUniqueNames), then I add both users to that group. Next I'm trying to rename (or delete) one of the member users and... LDAP hangs up with no response. When I connect once again, then I see that action was performed (user is renamed or deleted, but old member reference is present in group attributes). However, I'm not able to modify directory (that is to add some new entry) LDAP hangs up on any attempt and only OpenLDAP restart helps. Last note is that this problem appears only when both accesslog and refint are enabled. Separately they are working as expected.
Does anybody have an idea about the reason of such problem?
Thanks in advance, Alina.