Dear Rich, all,
Am 28.07.15 um 19:08 schrieb Rich Megginson:
# ldapsearch -xLLL -D cn=directory manager -W -s base -b
dc=uni-wuppertal,dc=de
[...]
real0m4.559s
user0m0.403s
sys 0m0.057s
[root@ipa httpd]#
Looks okay to us, or?
4 seconds? That seems way too long.
No..
On 07/24/2015 01:20 AM, Torsten Harenberg wrote:
Dear Rich and all,
thanks to everbody! Really thankful for your support.
The situation really approved.
We:
- enlarged the caches for 389ds until the WARNING messages disappeared
in the log files,
- (just to be sure) re-sync'ed firewalld rules
Dear Rich and all,
thanks to everbody! Really thankful for your support.
The situation really approved.
We:
- enlarged the caches for 389ds until the WARNING messages disappeared
in the log files,
- (just to be sure) re-sync'ed firewalld rules between primary and
secondary server.
Now the
Maybe related or not:
even after rebooting both IPA servers, the secondary has every 5
minutes (not only during startup)
[23/Jul/2015:08:00:25 +0200] slapd_ldap_sasl_interactive_bind - Error:
could not perform interactive bind for id [] mech [GSSAPI]: LDAP error
-1 (Can't contact LDAP server)
On 07/22/2015 11:47 PM, Torsten Harenberg wrote:
Good morning,
Am 22.07.15 um 19:25 schrieb Rich Megginson:
On 07/22/2015 11:03 AM, Torsten Harenberg wrote:
Dear Rich,
Am 22.07.2015 um 17:03 schrieb Rich Megginson:
It might be helpful to do a # debuginfo-install 389-ds-base ipa-server
On Thu, Jul 23, 2015 at 08:35:45AM +0200, Torsten Harenberg wrote:
Huu.. situation is getting worse.
Even after a full reboot, slapd does not start at all anymore on the
primary server.
This is the full log (looks like the realm is missing suddenly?):
...
[23/Jul/2015:08:25:09 +0200]
Hi Sumit,
The principal looks strange, I would at least expect the fully-qualified
name of the ipa server here. What does the 'hostname' command return? It
[root@ipa slapd-PLEIADES-UNI-WUPPERTAL-DE]# hostname
ipa.pleiades.uni-wuppertal.de
is expected that it will return the fully-qualified
On Thu, Jul 23, 2015 at 09:18:43AM +0200, Torsten Harenberg wrote:
Hi Sumit,
The principal looks strange, I would at least expect the fully-qualified
name of the ipa server here. What does the 'hostname' command return? It
[root@ipa slapd-PLEIADES-UNI-WUPPERTAL-DE]# hostname
Huu.. situation is getting worse.
Even after a full reboot, slapd does not start at all anymore on the
primary server.
This is the full log (looks like the realm is missing suddenly?):
[23/Jul/2015:07:40:53 +0200] - slapd stopped.
[23/Jul/2015:08:25:06 +0200] - Config Warning: -
On 07/23/2015 09:56 AM, Sumit Bose wrote:
On Thu, Jul 23, 2015 at 09:18:43AM +0200, Torsten Harenberg wrote:
Hi Sumit,
The principal looks strange, I would at least expect the fully-qualified
name of the ipa server here. What does the 'hostname' command return? It
[root@ipa
Hi Sumit,
I'm not a 389ds expert but in my setup nsslapd-cachememsize is set to
10M and since I didn't do any tuning I would expect that this is some
default.
Perhaps we should start with increasing the nsslapd-cachememsize to 10M
and than see what happens with our server. Actually, how
On Thu, Jul 23, 2015 at 10:21:41AM +0200, Marisa Sandhoff wrote:
Hi Sumit,
I'm not a 389ds expert but in my setup nsslapd-cachememsize is set to
10M and since I didn't do any tuning I would expect that this is some
default.
Perhaps we should start with increasing the
you can change the cachememsize online:
ldapmodify
dn: cn=your backend name,cn=ldbm database,cn=plugins,cn=config
changetype: modify
replace: nsslapd-cachememsize
nsslapd-cachememsize: new size
But I would also increase the dbcache size, which would
On 07/22/2015 03:39 AM, Torsten Harenberg wrote:
Dear Alexander, dear Sumit,
thank you very much indeed for the quick replies.
Am 22.07.15 um 11:21 schrieb Sumit Bose:
Looks like there are issues getting the needed data from the local LDAP
server. The message below about the master key points
Dear Rich,
Am 22.07.2015 um 17:03 schrieb Rich Megginson:
It might be helpful to do a # debuginfo-install 389-ds-base ipa-server
slapi-nis
and follow the directions at
http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-hangs
to get a full stack trace
thanks for the hint. Did that.
Hi Rich,
Am 22.07.2015 um 19:25 schrieb Rich Megginson:
No, probably not. I think it is either BIND or sssd.
from that I would say sssd:
[root@ipa ~]# netstat -p
Aktive Internetverbindungen (ohne Server)
Proto Recv-Q Send-Q Local Address Foreign Address
State PID/Program
On Wed, Jul 22, 2015 at 11:25:12AM -0600, Rich Megginson wrote:
/lib64/libpthread.so.0
#1 0x7fb8544f5440 in PR_WaitCondVar () from /lib64/libnspr4.so
#2 0x7fb8565f19a5 in ps_send_results ()
#3 0x7fb8544facab in _pt_root () from /lib64/libnspr4.so
#4 0x7fb853e9b52a in
Am 22.07.2015 um 21:49 schrieb Rich Megginson:
but strage: there is no bind binary:
Then I'm not sure what's going on.
currently there is a java process on ldaps:
[root@ipa ~]# netstat -p -n | grep 636
tcp6 0 0 132.195.124.12:636 132.195.124.12:36546
VERBUNDEN 800/ns-slapd
On 07/22/2015 11:03 AM, Torsten Harenberg wrote:
Dear Rich,
Am 22.07.2015 um 17:03 schrieb Rich Megginson:
It might be helpful to do a # debuginfo-install 389-ds-base ipa-server
slapi-nis
and follow the directions at
http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-hangs
to get a full
On 07/22/2015 02:09 PM, Torsten Harenberg wrote:
Am 22.07.2015 um 21:49 schrieb Rich Megginson:
but strage: there is no bind binary:
Then I'm not sure what's going on.
currently there is a java process on ldaps:
[root@ipa ~]# netstat -p -n | grep 636
tcp6 0 0 132.195.124.12:636
Dear Alexander, dear Sumit,
thank you very much indeed for the quick replies.
Am 22.07.15 um 11:21 schrieb Sumit Bose:
Looks like there are issues getting the needed data from the local LDAP
server. The message below about the master key points into the same
direction. Can you check the 389ds
On Wed, Jul 22, 2015 at 11:39:25AM +0200, Torsten Harenberg wrote:
Dear Alexander, dear Sumit,
thank you very much indeed for the quick replies.
Am 22.07.15 um 11:21 schrieb Sumit Bose:
Looks like there are issues getting the needed data from the local LDAP
server. The message below
On Wed, 22 Jul 2015, Torsten Harenberg wrote:
Dear Alexander, dear Sumit,
thank you very much indeed for the quick replies.
Am 22.07.15 um 11:21 schrieb Sumit Bose:
Looks like there are issues getting the needed data from the local LDAP
server. The message below about the master key points
Good morning,
Am 22.07.15 um 19:25 schrieb Rich Megginson:
On 07/22/2015 11:03 AM, Torsten Harenberg wrote:
Dear Rich,
Am 22.07.2015 um 17:03 schrieb Rich Megginson:
It might be helpful to do a # debuginfo-install 389-ds-base ipa-server
slapi-nis
and follow the directions at
24 matches
Mail list logo