I have a problem with a new OpenLDAP configuration that is likely my own
doing, but I am unable to discern the cause.
Environment: Solaris 9, OpenLDAP 2.4.16, Berkeley DB 4.7.25
I installed the OpenLDAP software from the stable release at the
site. After some basic configuration and very basic tests, I
did the "full" slapd.conf and DB_CONFIG configurations using various
resources, including the Admin Guide and the FAQ-o-matic.
All seemed to be going well until I tried to add (ldapmodify -a w/ldif
files) some new "person" entries based on data I want to migrate. The
first one was OK, but subsequent ones never completed. When the problem
occurs, there's no return from the ldapmodify command and likewise any
"db_stat" commands that I attempt. When I look at the log (local4.debug)
entries, the last entry is for the "ADD dn="uid=DCM...". The daemon is
*not* looping, there's just never a response. [I need to break to get my
prompt back.] When I attempt to stop the daemon, I get "waiting for 1
operations/tasks to finish" and I have to kill the daemon to get it to
stop. When I restart, it goes through DB recovery and everything is as it
was before the ldapmodify -a started.
A colleague suggested something that seems to be an indicator:
- an add of "dn: uid=DCM11,ou=People,o=XXXX" works fine
- an add of "dn: uid=DCM1123,ou=People,o=XXXX" works fine
- an add of "dn: uid=DCM11234,ou=People,o=USNS" does *not* work
So it seems that "uid" values with lengths over 7 characters fail. Yeah,
this seems plenty odd to me, but I've created\tested\deleted DBs multiple
times over and this still happens consistently.
I have tried multiple levels of "debug", down to "488" anyway, but
no message that seems like an error.
Not wanting to swamp anyone, here's some basic config extracts:
set_cachesize 0 67108864 1
===slapd_t10.conf=== [obviously stripped]
checkpoint 128 15
index objectClass eq
index uid pres,eq [Have tried taking this
out & re-creating - no difference]
Anyone have any ideas? I have spent many hours looking at this, but I'm
willing to believe it's something simple I can't see.
Thanks in advance for you help.