Date: Wed, 23 Sep 2009 11:29:54 +0930 From: "Daniel O'Connor" <doconnor@gsoft.com.au> To: Tim Judd <tajudd@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: LDAP server gone -> impossible to login locally! Message-ID: <200909231129.56152.doconnor@gsoft.com.au> In-Reply-To: <ade45ae90909221845p41cd23b2i6e8b8e62e4013bb@mail.gmail.com> References: <4AB8BAA9.1060100@zedat.fu-berlin.de> <200909231104.39234.doconnor@gsoft.com.au> <ade45ae90909221845p41cd23b2i6e8b8e62e4013bb@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart3755631.bkMUtaLzL9 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wed, 23 Sep 2009, Tim Judd wrote: > > On a related note, why is slapd so damn fragile? It's a righteous > > pain in the bum the way you have to run db_recover-X.Y > > /var/db/openldap-data if slapd fails to start. > > I run OpenLDAP on a few boxes. I don't recall the power failures or > rude shutdowns to ever give me problems... Course, I don't have > anything hi-traffic, so I would definately have time for softupdates > to flush to disk before a crash is inevitable. This isn't high traffic, it's basically read only. > I've marked this thread, it's been useful already with the > '[unavail=3Dcontinue notfound=3Dcontinue]' pieces after the ldap > dictionary in nsswitch.conf man nsswitch.conf :) > Now I have another command, db_recover You can benefit from my torn out hair from when I went looking for it :) > > disabled (which is recommended for performance!) it won't say > > _anything_. > > To have OpenLDAP logging, you have to insert local4.* statements in > syslog.conf, touch the given file, and restart syslog. Any logging > that OpenLDAP would need to send, is then recorded in syslog. > > Why they picked 4, of 1 through 7, I'm not sure. Thanks, I've enabled it, normally I just fish through all.log :) =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart3755631.bkMUtaLzL9 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iD8DBQBKuYEc5ZPcIHs/zowRAiqVAJoC8VyWEOv+qzBE8U+i0CCLdRI9swCgpoxy 3PppEpd2SGPAfb5WRsPyYpA= =E2Ja -----END PGP SIGNATURE----- --nextPart3755631.bkMUtaLzL9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909231129.56152.doconnor>