Team, any update…
From: Arun Sasi V (WI01 - Manage IT)
Sent: Monday, July 11, 2011 3:20 PM
To: E.S. Rosenberg
Cc: openldap-technical@openldap.org
Subject: RE: Multi Master OpenLdap.
And I could also see the below message:
nonpresent_callback: rid=003
present UUI
Thanks,
-Arun
From: Arun Sasi V (WI01 - Manage IT)
Sent: Monday, July 11, 2011 1:36 PM
To: 'E.S. Rosenberg'
Cc: openldap-technical@openldap.org
Subject: RE: Multi Master OpenLdap.
Thank you very much Eli for considering my issue. Here is my scenario...
I couldn’t find any abnormality in the log files and I have also never seen any deletion logs on the server. Slapd will hang and some IDs will disappear; the same will be replicated to the slaves too. Mainly groups and computer accounts.
I can see some UNBIND and connection lost logs from one server and another multimaster server from
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138411 op=24 SEARCH RESULT tag=101 err=32 nentries=0 text=
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138424 op=12 SRCH base="ou=Groups,dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=65534))"
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138424 op=12 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138424 op=12 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138415 op=21 SRCH base="sambaDomainName=EMB,sambaDomainName=emb,dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=emb))"
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138415 op=21 SEARCH RESULT tag=101 err=32 nentries=0 text=
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138385 op=46 SRCH base="ou=Groups,dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(|(displayName=test)(cn=test)))"
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138385 op=46 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: <= bdb_equality_candidates: (displayName) not indexed
Jul 11 04:03:39 gb0135embldap01 slapd[9852]: <= bdb_equality_candidates: (cn) not indexed
Jul 11 04:07:53 gb0135embldap01 slapd[21335]: @(#) $OpenLDAP: slapd 2.4.15 (Mar 19 2009 10:07:59) $
^Ibuildd@yellow:/build/buildd/openldap-2.4.15/debian/build/servers/slapd
Jul 11 04:07:54 gb0135embldap01 slapd[21337]: slapd starting
Jul 11 04:07:54 gb0135embldap01 slapd[21337]: conn=0 fd=23 ACCEPT from IP=[::1]:57016 (IP=[::]:389)
Jul 11 04:07:54 gb0135embldap01 slapd[21337]: conn=1 fd=24 ACCEPT from IP=134.32.44.37:40763 (IP=0.0.0.0:389)
OLCDATABASE
dn: olcDatabase={1}hdb
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=emb,dc=slb,dc=com
olcAccess: {0}to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword
  by dn="cn=admin,dc=emb,dc=slb,dc=com" write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write
  by anonymous auth
  by self write
  by * none
olcAccess: {1}to dn.base="" by * read
#Enable Local Admin to add users in the Group and also SunOne to add users to country groups
olcAccess: {2}to dn.subtree="ou=groups,dc=emb,dc=slb,dc=com"
  by set="user/uid & [cn=group-admin,ou=SuperGroups,dc=emb,dc=slb,dc=com]/memberuid" write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write
  by * read
#Enable Local Admin to add computers
olcAccess: {3}to dn.subtree="ou=Computers,dc=emb,dc=slb,dc=com"
  by set="user/uid & [cn=group-admin,ou=SuperGroups,dc=emb,dc=slb,dc=com]/memberuid" write
  by * read
#Enable shell-admin to set up local user access
olcAccess: {4}to attrs=loginShell,homeDirectory
  by set="user/uid & [cn=shell-admin,ou=SuperGroups,dc=emb,dc=slb,dc=com]/memberuid" write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write
  by * read
#Enable write access to account sun-one-replication for sun ldap replication.
olcAccess: {5}to *
  by dn="cn=admin,dc=emb,dc=slb,dc=com" write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write
  by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write
  by * read
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0
olcDbConfig: {1}set_lk_max_objects 1500
olcDbConfig: {2}set_lk_max_locks 1500
olcDbConfig: {3}set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbIndex: entryUUID eq
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
structuralObjectClass: olcHdbConfig
entryUUID: f479600a-5f34-102f-8ddd-3ff046e70702
creatorsName: cn=admin,cn=config
createTimestamp: 20100928101442Z
olcRootDN: cn=admin,dc=emb,dc=slb,dc=com
olcSyncrepl: {0}rid=003 provider=ldap://gb0135embldap01.emb.slb.com
  binddn="cn=admin,dc=emb,dc=slb,dc=com" bindmethod=simple credentials=Bsl@121z
  searchbase="dc=emb,dc=slb,dc=com" type=refreshOnly interval=00:00:00:10
  retry="5 5 300 5" timeout=1 starttls=yes
olcSyncrepl: {1}rid=004 provider=ldap://ae0042embldap01.emb.slb.com
  binddn="cn=admin,dc=emb,dc=slb,dc=com" bindmethod=simple credentials=Bsl@121z
  searchbase="dc=emb,dc=slb,dc=com" type=refreshOnly interval=00:00:00:10
  retry="5 5 300 5" timeout=1 starttls=yes
olcMirrorMode: TRUE
entryCSN: 20100928191927.932499Z#000000#001#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20100928191927Z
Ldap Version
@(#) $OpenLDAP: slapd 2.4.15 (Mar 19 2009 10:07:59) $
Operating system
Distributor ID: Ubuntu
Description: Ubuntu 9.04
Release: 9.04
Codename: jaunty
Thanks,
-Arun
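
Added example, not part of the original thread and not OpenLDAP code: a small Python check that parses an olcSyncrepl value of the shape posted above and lists the settings a reviewer of a mirror-mode setup would look at (simple bind with an inline password, replicating as the rootdn, and `starttls=yes` rather than `critical`, which per slapd.conf(5) lets the session continue without TLS if StartTLS fails). The sample value, host name and credential are constructed placeholders, and the function names are hypothetical.

```python
import shlex

# Constructed sample modelled on the olcSyncrepl values in the thread;
# the host name and credential are placeholders, not values from the post.
SAMPLE = ('{0}rid=003 provider=ldap://ldap1.example.com '
          'binddn="cn=admin,dc=example,dc=com" bindmethod=simple '
          'credentials=PLACEHOLDER searchbase="dc=example,dc=com" '
          'type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" '
          'timeout=1 starttls=yes')


def parse_syncrepl(value):
    """Split an olcSyncrepl value into a dict of key -> value."""
    # Drop the {n} ordering prefix that cn=config adds.
    if value.startswith('{'):
        value = value.split('}', 1)[1]
    params = {}
    for token in shlex.split(value):   # honours the double-quoted values
        key, _, val = token.partition('=')
        params[key.lower()] = val
    return params


def audit_syncrepl(value, rootdn=None):
    """Return a list of findings for one syncrepl consumer definition."""
    p = parse_syncrepl(value)
    findings = []
    if p.get('bindmethod') == 'simple' and 'credentials' in p:
        findings.append('simple bind: password stored in cn=config in clear text')
    # Case-insensitive string match; a full DN comparison would normalise first.
    if rootdn and p.get('binddn', '').lower() == rootdn.lower():
        findings.append('replicates as the rootdn: use a dedicated replication DN')
    tls = p.get('starttls')
    ldaps = p.get('provider', '').lower().startswith('ldaps://')
    if not ldaps and tls is None:
        findings.append('no TLS: bind and data cross the network unencrypted')
    elif not ldaps and tls != 'critical':
        findings.append('starttls=yes: session continues without TLS if StartTLS fails')
    return findings


if __name__ == '__main__':
    for finding in audit_syncrepl(SAMPLE, rootdn='cn=admin,dc=example,dc=com'):
        print('-', finding)
```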
-----Original Message-----
From: E.S. Rosenberg [mailto:esr@g.jct.ac.il]
Sent: Monday, July 11, 2011 12:58 PM
To: Arun Sasi V (WI01 - Manage IT)
Cc: openldap-technical@openldap.org
Subject: Re: Multi Master OpenLdap.
Have you tried raising the loglevel?
Are the schemas the same between the servers?
Is time in sync between the servers?
What versions are you dealing with?
You don't provide a lot of info and most of us are not
clairvoyant....
Regards,
Eli
2011/7/11 <arun.sasi1@wipro.com>:
>
>
>
>
> Thanks,
>
> -Arun
>
>
>
> From: Arun Sasi V (WI01 - Manage IT)
> Sent: Wednesday, July 06, 2011 5:46 PM
> To: 'openldap-technical@openldap.org'
> Subject: Multi Master OpenLdap.
>
>
>
> Hello Team,
>
>
>
> I have configured a multi-master mirror mode replica setup in our environment.
> We have 3 regional slave LDAP servers which are read only, and two locations
> we have configured as mirror mode replica LDAP. My problem here is…
>
> The master LDAP hangs sometimes and some IDs are disappearing from the
> master server. I couldn’t find any logs there for why the IDs are
> disappearing and also why LDAP is going into a hung state.
>
>
>
> Thanks & Regards,
>
> Arun Sasi V
>
> Please do not print this email unless it is absolutely necessary.
>
> The information contained in this electronic message and any attachments to
> this message are intended for the exclusive use of the addressee(s) and may
> contain proprietary, confidential or privileged information. If you are not
> the intended recipient, you should not disseminate, distribute or copy this
> e-mail. Please notify the sender immediately and destroy all copies of this
> message and any attachments.
>
> WARNING: Computer viruses can be transmitted via email. The recipient should
> check this email and any attachments for the presence of viruses. The
> company accepts no liability for any damage caused by any virus transmitted
> by this email.
>
> www.wipro.com