Gerd-Christian Michalke
2005-Oct-03 06:18 UTC
[Samba] Samba/OpenLDAP reliability issue: backend experience needed
Hi this is more of an OpenLDAP issue, but since it is mostly used with Samba, some experience would be helpful. We have a SLES9 PDC, running samba-3.0.14a, openldap 2.2.6 Sometimes, the OpenLDAP gets corrupted, no ideas why. It's a bad thing. We have 100+ computers, 300+ users, which shall get 350 computers and 800 users. What would you suggest in order to be reliable ? Reliability is more important than speed for us. I used to work with a bdb backend, had problems; the SuSE consultant told us to use ldbm, but it isn't any better. Any advice would be helpful since googleling gives mostly contradictory information about that. Kind regard, Gerd
Tomasz Chmielewski
2005-Oct-03 09:28 UTC
[Samba] Samba/OpenLDAP reliability issue: backend experience needed
Gerd-Christian Michalke schrieb: > Hi > > this is more of an OpenLDAP issue, but since it is mostly used with Samba, some experience would be helpful. > > We have a SLES9 PDC, running samba-3.0.14a, openldap 2.2.6 > > Sometimes, the OpenLDAP gets corrupted, no ideas why. It's a bad thing. > > We have 100+ computers, 300+ users, which shall get 350 computers and 800 users. > > What would you suggest in order to be reliable ? Reliability is more important than speed for us. > > I used to work with a bdb backend, had problems; the SuSE consultant told us to use ldbm, but it isn't any better. > > Any advice would be helpful since googleling gives mostly contradictory information about that. well, in your case it's likely to be the problem with the OpenLDAP server, not Samba. I have almost 30 Samba + OpenLDAP servers and they are 100% reliable. Generally, OpenLDAP shouldn't get corrupted, either you use bdb or ldbm or any other backend. You are running one of the first OpenLDAP from the 2.2.x branch. First thing I'd do in your case would be to upgrade to either 2.2.28, or 2.3.7. If the problem persists, go and ask on OpenLDAP mailing lists. -- Tomek http://wpkg.org WPKG - software deployment and upgrades with Samba
paul kölle
2005-Oct-03 10:53 UTC
[Samba] Re: Samba/OpenLDAP reliability issue: backend experience needed
Gerd-Christian Michalke wrote: [snipp]> Sometimes, the OpenLDAP gets corrupted, no ideas why. It's a bad thing.Randomly?> What would you suggest in order to be reliable ? Reliability is more important > than speed for us.Do you have a DB_CONFIG file with proper settings for your bdb environment? I suggest reading the relevant articles on the openldap faq-o-matic wrt bdb and the sleepycat documentation on DB_CONFIG parameters.> > I used to work with a bdb backend, had problems; the SuSE consultant told us > to use ldbm, but it isn't any better.Get another consultant. cheers Paul
Jamrock
2005-Oct-04 02:23 UTC
[Samba] Re: Samba/OpenLDAP reliability issue: backend experience needed
"Gerd-Christian Michalke" <gmichalk@freegates.be> wrote in message news:200510020758.15560.gmichalk@freegates.be...> Hi > > this is more of an OpenLDAP issue, but since it is mostly used with Samba, > some experience would be helpful. > > We have a SLES9 PDC, running samba-3.0.14a, openldap 2.2.6 > > Sometimes, the OpenLDAP gets corrupted, no ideas why. It's a bad thing. > > We have 100+ computers, 300+ users, which shall get 350 computers and 800 > users. > > What would you suggest in order to be reliable ? Reliability is moreimportant> than speed for us. > > I used to work with a bdb backend, had problems; the SuSE consultant toldus> to use ldbm, but it isn't any better. > > Any advice would be helpful since googleling gives mostly contradictory > information about that. > > Kind regard, > Gerd > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/sambaDo a search on the ldap mailing list for db_recover. If your server reboots without a proper shutdown, you may need to run db_recover before you can access your data. You can find the mailing list here: http://marc.theaimsgroup.com/?l=openldap-software&r=1&w=2 I put the db_recover command in my /etc/rc.local so it just runs automatically when my server starts. I think the command automatically runs when some of the newer versions of Openldap start up. You could also have a look at setting up a secondary ldap server. That way you can replicate your database as new entries are added. We really haven't had any problems with Openldap. Bdb is generally considered to be the better database.