Team any update…
From: Arun Sasi V (WI01 - Manage IT) Sent: Monday, July 11, 2011 3:20 PM To: E.S. Rosenberg Cc: [email protected] Subject: RE: Multi Master OpenLdap. And also I could see below message nonpresent_callback: rid=003 present UUI Thanks, -Arun From: Arun Sasi V (WI01 - Manage IT) Sent: Monday, July 11, 2011 1:36 PM To: 'E.S. Rosenberg' Cc: [email protected] Subject: RE: Multi Master OpenLdap. Thank you very much Eli for concidering my issue. Here is my scenario... I couldn’t find any abnormality in log files and also I never seen any deletion logs in the server. Slapd will go for hang and some ID`s will get disappear same will be replicate to slaves too. Mainly Groups and Computer accounts I can see some UNBIND and connection lost logs from one server and another multimaster server from Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138411 op=24 SEARCH RESULT tag=101 err=32 nentries=0 text= Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138424 op=12 SRCH base="ou=Groups,dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(gidNumber=65534))" Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138424 op=12 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138424 op=12 SEARCH RESULT tag=101 err=0 nentries=0 text= Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138415 op=21 SRCH base="sambaDomainName=EMB,sambaDomainName=emb,dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=emb))" Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138415 op=21 SEARCH RESULT tag=101 err=32 nentries=0 text= Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138385 op=46 SRCH base="ou=Groups,dc=emb,dc=slb,dc=com" scope=2 deref=0 filter="(&(objectClass=sambaGroupMapping)(|(displayName=test)(cn=test)))" Jul 11 04:03:39 gb0135embldap01 slapd[9852]: conn=138385 op=46 SRCH attr=gidNumber sambaSID sambaGroupType sambaSIDList description displayName cn objectClass Jul 11 04:03:39 gb0135embldap01 slapd[9852]: <= bdb_equality_candidates: (displayName) not indexed Jul 11 04:03:39 gb0135embldap01 slapd[9852]: <= bdb_equality_candidates: (cn) not indexed Jul 11 04:07:53 gb0135embldap01 slapd[21335]: @(#) $OpenLDAP: slapd 2.4.15 (Mar 19 2009 10:07:59) $ ^Ibuildd@yellow:/build/buildd/openldap-2.4.15/debian/build/servers/slapd Jul 11 04:07:54 gb0135embldap01 slapd[21337]: slapd starting Jul 11 04:07:54 gb0135embldap01 slapd[21337]: conn=0 fd=23 ACCEPT from IP=[::1]:57016 (IP=[::]:389) Jul 11 04:07:54 gb0135embldap01 slapd[21337]: conn=1 fd=24 ACCEPT from IP=134.32.44.37:40763 (IP=0.0.0.0:389) OLCDATABSE dn: olcDatabase={1}hdb objectClass: olcDatabaseConfig objectClass: olcHdbConfig olcDatabase: {1}hdb olcDbDirectory: /var/lib/ldap olcSuffix: dc=emb,dc=slb,dc=com olcAccess: {0}to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=emb,dc=slb,dc=com" write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write by anonymous auth by self write by * none olcAccess: {1}to dn.base="" by * read #Enable Local Admin to add users in the Group and also SunOne to add users to country groups olcAccess: {2}to dn.subtree="ou=groups,dc=emb,dc=slb,dc=com" by set="user/uid & [cn=group-admin,ou=SuperGroups,dc=emb,dc=slb,dc=com]/memberuid" write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write by * read #Enable Local Admin to add computers olcAccess: {3}to dn.subtree="ou=Computers,dc=emb,dc=slb,dc=com" by set="user/uid & [cn=group-admin,ou=SuperGroups,dc=emb,dc=slb,dc=com]/memberuid" write by * read #Enable shell-admin to set up local user access olcAccess: {4}to attrs=loginShell,homeDirectory by set="user/uid & [cn=shell-admin,ou=SuperGroups,dc=emb,dc=slb,dc=com]/memberuid" write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write by * read #Enable write access to account sun-one-replication for sun ldap replication. olcAccess: {5}to * by dn="cn=admin,dc=emb,dc=slb,dc=com" write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=136.250.9.48 write by dn="cn=sunone-replication,dc=emb,dc=slb,dc=com" peername.ip=163.185.18.238 write by * read olcLastMod: TRUE olcDbCheckpoint: 512 30 olcDbConfig: {0}set_cachesize 0 2097152 0 olcDbConfig: {1}set_lk_max_objects 1500 olcDbConfig: {2}set_lk_max_locks 1500 olcDbConfig: {3}set_lk_max_lockers 1500 olcDbIndex: objectClass eq olcDbIndex: entryUUID eq olcDbIndex: uidNumber eq olcDbIndex: gidNumber eq olcDbIndex: gidNumber eq olcDbIndex: loginShell eq olcDbIndex: uid eq,pres,sub olcDbIndex: memberUid eq,pres,sub olcDbIndex: uniqueMember eq,pres olcDbIndex: sambaSID eq olcDbIndex: sambaPrimaryGroupSID eq olcDbIndex: sambaGroupType eq olcDbIndex: sambaSIDList eq olcDbIndex: sambaDomainName eq olcDbIndex: default sub structuralObjectClass: olcHdbConfig entryUUID: f479600a-5f34-102f-8ddd-3ff046e70702 creatorsName: cn=admin,cn=config createTimestamp: 20100928101442Z olcRootDN: cn=admin,dc=emb,dc=slb,dc=com olcSyncrepl: {0}rid=003 provider=ldap://gb0135embldap01.emb.slb.com binddn="cn =admin,dc=emb,dc=slb,dc=com" bindmethod=simple credentials=Bsl@121z searchbas e="dc=emb,dc=slb,dc=com" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=yes olcSyncrepl: {1}rid=004 provider=ldap://ae0042embldap01.emb.slb.com binddn="cn =admin,dc=emb,dc=slb,dc=com" bindmethod=simple credentials=Bsl@121z searchbas e="dc=emb,dc=slb,dc=com" type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=yes olcMirrorMode: TRUE entryCSN: 20100928191927.932499Z#000000#001#000000 modifiersName: cn=admin,cn=config modifyTimestamp: 20100928191927Z Ldap Version @(#) $OpenLDAP: slapd 2.4.15 (Mar 19 2009 10:07:59) $ Operating system Distributor ID: Ubuntu Description: Ubuntu 9.04 Release: 9.04 Codename: jaunty Thanks, -Arun -----Original Message----- From: E.S. Rosenberg [mailto:[email protected]] Sent: Monday, July 11, 2011 12:58 PM To: Arun Sasi V (WI01 - Manage IT) Cc: [email protected] Subject: Re: Multi Master OpenLdap. Have you tried raising the loglevel? Are the schemas the same between the servers? Is time in sync between the servers? What versions are you dealing with? You don't provide a lot of info and most of us are not clairvoyant.... Regards, Eli 2011/7/11 <[email protected]>: > > > > > Thanks, > > -Arun > > > > From: Arun Sasi V (WI01 - Manage IT) > Sent: Wednesday, July 06, 2011 5:46 PM > To: '[email protected]' > Subject: Multi Master OpenLdap. > > > > Hello Team, > > > > I have configured Multi-master Mirror mode replica setup in our environment. > We have 3 regions slave Ldap server which is read only and two location we > have configured as mirror mode replica Ldap. My problem here is… > > > > Master Ldap is going hang some times and some ID`s are disappearing from the > master server. I couldn’t find any logs over there for why ID`s are > disappearing and also why Ldap is going hung state. > > > > Thanks & Regards, > > Arun Sasi V > > Please do not print this email unless it is absolutely necessary. > > The information contained in this electronic message and any attachments to > this message are intended for the exclusive use of the addressee(s) and may > contain proprietary, confidential or privileged information. If you are not > the intended recipient, you should not disseminate, distribute or copy this > e-mail. Please notify the sender immediately and destroy all copies of this > message and any attachments. > > WARNING: Computer viruses can be transmitted via email. The recipient should > check this email and any attachments for the presence of viruses. The > company accepts no liability for any damage caused by any virus transmitted > by this email. > > www.wipro.com Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
