Hi All -
I'm having an odd issue where on a rare occasion (a couple of times a week), a new LDAP user entry is being deleted shortly after it is created. Sometimes it happens within a few minutes, sometimes it happens within an hour or so.
I have a 4 way multi-master setup, with all writes being directed at a single server with a load balancer. I have the auditlog enabled (from failed attempts at delta sync) and I see auditDelete entries in the auditdb, but its being executed from the internal admin user, not a "real" user. I do not see anything suspect in my system logs running at the normal loglevel.
I'm running 2.4.39 on Redhat 6, x64 with mdb. Below is a snippet of my configuration from the specific database in question. Does anyone know why this might be occurring? Any idea on how to further troubleshoot this issue?
Thanks in advance -
Al
dn: olcDatabase={1}mdb,cn=config objectClass: olcDatabaseConfig objectClass: olcMdbConfig olcDatabase: {1}mdb olcDbDirectory: /PATH/TO/OPENLDAP/var/openldap-data olcSuffix: dc=company,dc=com olcAddContentAcl: FALSE olcLastMod: TRUE olcLimits: {0}dn.base="XXXXXXX" size.soft=unlimited size.hard=unlimited time.soft=unlimited time.hard=unlimited olcMaxDerefDepth: 15 olcReadOnly: FALSE olcRootDN: cn=Manager,dc=company,dc=com olcRootPW:: XXXXXXXXX olcSyncUseSubentry: FALSE olcMirrorMode: TRUE olcMonitoring: TRUE olcDbCheckpoint: 512 5 olcDbNoSync: TRUE olcDbIndex: objectClass eq olcDbIndex: entryUUID eq olcDbIndex: entryCSN eq olcDbIndex: cn pres,eq,sub olcDbIndex: uid eq olcDbIndex: uidNumber eq olcDbIndex: gidNumber eq olcDbIndex: uniqueMember eq olcDbIndex: nisNetgroupTriple eq olcDbIndex: sudoUser eq,sub olcDbIndex: mail eq olcDbIndex: pwmToken eq,sub olcDbIndex: memberOf eq olcDbMaxSize: 25000000000 olcDbMode: 0600 structuralObjectClass: olcMdbConfig entryUUID: xxxx-xxxx-xxxxx-xxxxx creatorsName: cn=config createTimestamp: 20111014131247Z olcSyncrepl: {0}rid=011 provider=ldap://server1:21389/ bind method=simple timeout=0 network-timeout=0 binddn="XXXXXXX" credentials="XXXX" keepalive=0:0:0 startt ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com" scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30 olcSyncrepl: {1}rid=012 provider=ldap://server2:21389/ bind method=simple timeout=0 network-timeout=0 binddn="XXXXXXX" credentials="XXXX" keepalive=0:0:0 startt ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com" scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30 olcSyncrepl: {2}rid=013 provider=ldap://server3:21389/ bind method=simple timeout=0 network-timeout=0 binddn="XXXXXXX" credentials="XXXX" keepalive=0:0:0 startt ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com" scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30 olcSyncrepl: {3}rid=014 provider=ldap://server4:21389/ bind method=simple timeout=0 network-timeout=0 binddn="XXXXXXX" credentials="XXXX" keepalive=0:0:0 startt ls=critical filter="(objectclass=*)" searchbase="dc=company,dc=com" scope=sub schemachecking=off type=refreshOnly retry="30 +" interval=00:00:00:30 entryCSN: 20140924095732.634049Z#000000#001#000000 modifiersName: cn=Manager,cn=config modifyTimestamp: 20140924095732Z