Hi All,
After incorporating your suggestions I have a multi-master replication
environment up and running. I am able to ldapadd from server1 and do a
ldapsearch on server2 and see the entry that was added from server1 and vice
versa. However, I have run into a restore issue. I use slapcat -b
"dc=cornell,dc=edu" -l data.lfid to do a database backup and slapadd -f
data.ldif to restore it, but when I try to start slapd I get an error. Am I
missing something or did I forget to do something? Below is my command output.
Once again, thank you very much for all your help.
Garry
[ldap@ip-10-92-164-27 ~]$ slapadd -f data.ldif
5c12a90f data.ldif: line 1: unknown directive <dn:> outside backend info and
database definitions.
slapadd: bad configuration file!
[ldap@ip-10-92-164-27 ~]$ slapadd -l /home/ldap/data.ldif
5c12a94f bdb_monitor_db_open: monitoring disabled; configure monitor database
to enable
5c12a94f => bdb_tool_entry_put: id2entry_add failed: BDB0067 DB_KEYEXIST:
Key/data pair already exists (-30994)
5c12a94f => bdb_tool_entry_put: txn_aborted! BDB0067 DB_KEYEXIST: Key/data pair
already exists (-30994)
slapadd: could not add entry dn="dc=cornell,dc=edu" (line=1): txn_aborted!
BDB0067 DB_KEYEXIST: Key/data pair already exists (-30994)
_#### 20.90% eta none elapsed none spd 1.3 M/s
[centos@ip-10-92-164-27 lib]$ sudo systemctl start slapd
Job for slapd.service failed because the control process exited with error
code. See "systemctl status slapd.service" and "journalctl -xe" for details.
[centos@ip-10-92-164-27 lib]$ systemctl status slapd.service -l
● slapd.service - OpenLDAP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/slapd.service; disabled; vendor
preset: disabled)
Active: failed (Result: exit-code) since Thu 2018-12-13 18:49:20 UTC; 9s ago
Docs: man:slapd
man:slapd-config
man:slapd-hdb
man:slapd-mdb
file:///usr/share/doc/openldap-servers/guide.html
Process: 12775 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS}
$SLAPD_OPTIONS (code=exited, status=1/FAILURE)
Process: 12762 ExecStartPre=/usr/libexec/openldap/check-config.sh
(code=exited, status=0/SUCCESS)
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal systemd[1]: Starting OpenLDAP
Server Daemon...
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal runuser[12765]:
pam_unix(runuser:session): session opened for user ldap by (uid=0)
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal slapd[12775]: @(#) $OpenLDAP:
slapd 2.4.44 (Oct 30 2018 23:14:27) $
[email protected]:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal slapd[12775]:
/etc/openldap/slapd.conf: line 109: invalid path: Permission denied
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal slapd[12775]: slapd stopped.
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal slapd[12775]: connections_destroy:
nothing to destroy.
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal systemd[1]: slapd.service: control
process exited, code=exited status=1
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal systemd[1]: Failed to start
OpenLDAP Server Daemon.
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal systemd[1]: Unit slapd.service
entered failed state.
Dec 13 18:49:20 ip-10-92-164-27.ec2.internal systemd[1]: slapd.service failed.
[centos@ip-10-92-164-27 lib]$ sudo ls -ltr /var/lib/ldap
total 19536
-rw-r--r--. 1 ldap ldap 845 Dec 13 18:43 DB_CONFIG
-rw-------. 1 ldap ldap 8192 Dec 13 18:43 dn2id.bdb
-rw-------. 1 ldap ldap 8192 Dec 13 18:43 cn.bdb
-rw-------. 1 ldap ldap 3761704 Dec 13 18:47 __db.003
-rw-------. 1 ldap ldap 17448960 Dec 13 18:47 __db.002
-rw-------. 1 ldap ldap 2326528 Dec 13 18:47 __db.001
-rw-------. 1 ldap ldap 8192 Dec 13 18:47 entryCSN.bdb
-rw-------. 1 ldap ldap 8192 Dec 13 18:47 entryUUID.bdb
-rw-------. 1 ldap ldap 8192 Dec 13 18:47 objectClass.bdb
-rw-------. 1 ldap ldap 32768 Dec 13 18:47 id2entry.bdb
-rw-------. 1 ldap ldap 10485760 Dec 13 18:47 log.0000000001
-rw-r--r--. 1 ldap ldap 4096 Dec 13 18:47 alock
[centos@ip-10-92-164-27 lib]$ journalctl -xe
-- The start-up result is done.
Dec 13 18:51:40 ip-10-92-164-27.ec2.internal kubelet[12861]: F1213
18:51:40.496492 12861 server.go:189] failed to load Kubelet config file
/var/li
Dec 13 18:51:40 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service: main
process exited, code=exited, status=255/n/a
Dec 13 18:51:40 ip-10-92-164-27.ec2.internal systemd[1]: Unit kubelet.service
entered failed state.
Dec 13 18:51:40 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service failed.
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service
holdoff time over, scheduling restart.
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal systemd[1]: Stopped kubelet: The
Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished shutting down.
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal systemd[1]: Started kubelet: The
Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished starting up.
--
-- The start-up result is done.
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal kubelet[12867]: F1213
18:51:50.746589 12867 server.go:189] failed to load Kubelet config file
/var/li
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service: main
process exited, code=exited, status=255/n/a
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal systemd[1]: Unit kubelet.service
entered failed state.
Dec 13 18:51:50 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service failed.
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service
holdoff time over, scheduling restart.
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal systemd[1]: Stopped kubelet: The
Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished shutting down.
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal systemd[1]: Started kubelet: The
Kubernetes Node Agent.
-- Subject: Unit kubelet.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit kubelet.service has finished starting up.
--
-- The start-up result is done.
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal kubelet[12873]: F1213
18:52:00.996272 12873 server.go:189] failed to load Kubelet config file
/var/li
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service: main
process exited, code=exited, status=255/n/a
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal systemd[1]: Unit kubelet.service
entered failed state.
Dec 13 18:52:00 ip-10-92-164-27.ec2.internal systemd[1]: kubelet.service failed.
lines 2580-2622/2622 (END)
________________________________
From: openldap-technical <[email protected]> on behalf of
Eggo why <[email protected]>
Sent: Monday, December 10, 2018 11:56 PM
To: Quanah Gibson-Mount; [email protected]
Subject: Re: Please help on Openldap issue
Hi All,
Thank you very much for all your help. I just realized that all the emails
from openldap.org were going to the deleted folder.
The quotes you're using appear to be high-bit instead of standard ascii.
Did you cut and paste out of a word document or something? --> Yes, I copied it
from my notes that were taken down while doing my first configuration.
Any particular reason why you want to define your DB at root level? --> No
reason, because this OpenLDAP instance is going to be used for Oracle tnsname
lookup only.
I will try out all your suggestions and report back. Once again, I very much
appreciate all your help.
Garry
________________________________
From: Quanah Gibson-Mount <[email protected]>
Sent: Friday, December 7, 2018 3:18 PM
To: Michael Ströder; Eggo why; [email protected]
Subject: Re: Please help on Openldap issue
--On Friday, December 07, 2018 4:13 PM +0100 Michael Ströder
<[email protected]> wrote:
> Value given with -D must match rootdn in database section of your
> slapd.conf.
You may want to read the slapd.conf a little closer. There are multiple
DB's defined.
database bdb
suffix "dc=cornell,dc=edu"
rootdn "cn=admin,dc=cornell,dc=edu"
Although it's not clear to me the submitter is actually reading our
responses, given they didn't read the last set of answers.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>