David Duff

Q: ldap problem

my open directory service seems not to be working.  

 

poking around, i've found that my ldap server seems not to be starting up properly.

 

i get a lot of messages in the logs that seem to indicate that the ldap database may have gotten corrupted, like the following:

 

root@b1026.apple.com:/private/var/tmp/OpenLDAP/OpenLDAP-208.1~6/servers/slapd

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb_monitor_db_open: monitoring disabled; configure monitor database to enable

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb(cn=authdata): file id2entry.bdb has LSN 1/8423179, past end of log at 1/8175336

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb(cn=authdata): Commonly caused by moving a database from one database environment

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb(cn=authdata): to another without clearing the database LSNs, or by removing all of

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb(cn=authdata): the log files from a database environment

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb(cn=authdata): /var/db/openldap/authdata/id2entry.bdb: unexpected file type or format

Jan 26 13:34:38 duff.homedns.org slapd[95679]: bdb_db_open: database "cn=authdata": db_open(/var/db/openldap/authdata/id2entry.bdb) failed: Invalid argument (22).

Jan 26 13:34:39 duff.homedns.org slapd[95679]: backend_startup_one (type=bdb, suffix="cn=authdata"): bi_db_open failed! (22)

Jan 26 13:34:39 duff.homedns.org slapd[95679]: bdb_db_close: database "cn=authdata": alock_close failed

Jan 26 13:34:39 duff.homedns.org slapd[95679]: slapd stopped.

Jan 26 13:34:49 duff.homedns.org slapd[95692]: @(#) $OpenLDAP: slapd 2.4.28 (Aug 31 2012 19:03:50) $

 

 

anyone else seen this problem?  advice?

 

thanks.

Mac OS X (10.6.7)

Posted on Feb 2, 2013 3:10 PM

Close

Q: ldap problem

  • All replies
  • Helpful answers

  • by dmltv,

    dmltv dmltv Feb 2, 2016 2:01 AM in response to David Duff
    Level 1 (8 points)
    Mac OS X
    Feb 2, 2016 2:01 AM in response to David Duff

    Same problem Here after updating to El Capitan 10.11.3. Unable to start the OD Server. Here are the logs from the moment I tried enabling them:

     

    Feb  2 10:43:31 citadel servermgr_dirserv[1860]: servermgr_dirserv: received request to start the Directory Server
    Feb  2 10:43:32 citadel servermgr_dirserv[1860]: servermgr_dirserv: starting Directory Server deamons
    Feb  2 10:43:36 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[1875]): Service exited with abnormal code: 1
    Feb  2 10:43:36 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:43:37 citadel xscertd-helper[1876]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:43:37 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[1876]): Service exited with abnormal code: 1
    Feb  2 10:43:37 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:43:44 citadel com.apple.xpc.launchd[1] (com.openssh.sshd.397D603A-3572-4545-86E0-D2A7CF091C63[1877]): Service exited with abnormal code: 255
    Feb  2 10:43:46 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[1917]): Service exited with abnormal code: 1
    Feb  2 10:43:46 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:43:46 citadel collabd[1883]: [main.m:322 78c04000 +0ms] Configured to exit after about 360 seconds idle
    Feb  2 10:43:47 citadel xscertd-helper[1926]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:43:47 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[1926]): Service exited with abnormal code: 1
    Feb  2 10:43:47 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    (org.openldap.slapd[1947]): Service exited with abnormal code: 1
    Feb  2 10:43:56 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:43:57 citadel xscertd-helper[1948]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:43:57 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[1948]): Service exited with abnormal code: 1
    Feb  2 10:43:57 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:02 citadel servermgr_dirserv[1860]: servermgr_dirserv: Did not receive slapd startup notificaton
    Feb  2 10:44:02 citadel servermgr_dirserv[1860]: servermgr_dirserv: adding /LDAPv3/127.0.0.1 to Authentication Search policy
    Feb  2 10:44:02 citadel servermgr_dirserv[1860]: servermgr_dirserv: adding /LDAPv3/127.0.0.1 to Contacts Search policy
    Feb  2 10:44:02 citadel servermgr_dirserv[1860]: servermgr_dirserv: starting Certificate Server deamons
    Feb  2 10:44:02 citadel servermgr_dirserv[1860]: servermgr_dirserv: no need to restore /var/db/krb5kdc/kdc.conf from LDAP: file already exists
    Feb  2 10:44:02 citadel servermgr_dirserv[1860]: servermgr_dirserv: restarting Kerberos deamons
    Feb  2 10:44:03 citadel com.apple.xpc.launchd[1] (com.apple.Kerberos.kdc): Unknown key for Boolean: ForceEnableHack
    Feb  2 10:44:03 citadel com.apple.xpc.launchd[1] (com.apple.Kerberos.kdc): The ServiceIPC key is no longer respected. Please remove it.
    Feb  2 10:44:03 citadel kdc[1960]: label: SERVER.LOCAL
    Feb  2 10:44:03 citadel kdc[1960]: dbname: od:/LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi
    Feb  2 10:44:03 citadel kdc[1960]: mkey_file: /var/db/krb5kdc/m_key.SERVER.LOCAL
    Feb  2 10:44:03 citadel kdc[1960]: acl_file: /var/db/krb5kdc/acl_file.SERVER.LOCAL
    Feb  2 10:44:03 citadel kdc[1960]: WARNING Found KDC certificate (O=System Identity,CN=com.apple.kerberos.kdc)is missing the PK-INIT KDC EKU, this is bad for interoperability.
    Feb  2 10:44:03 citadel kdc[1960]: KDC started
    Feb  2 10:44:04 citadel com.apple.xpc.launchd[1] (com.openssh.sshd.8189DE75-7D2D-4623-BF4E-2F60813F2F77[1943]): Service exited with abnormal code: 255
    Feb  2 10:44:04 citadel com.apple.xpc.launchd[1] (com.apple.Kerberos.kpasswdd): Unknown key for Boolean: ForceEnableHack
    Feb  2 10:44:05 citadel com.apple.xpc.launchd[1] (com.apple.Kerberos.kadmind): Unknown key for Boolean: ForceEnableHack
    Feb  2 10:44:05 citadel com.apple.xpc.launchd[1] (com.apple.xpc.launchd.domain.system): Caller not allowed to perform action: smd.215, action = service removal, code = 150: Operation not permitted while System Integrity Protection is engaged, uid = 0, euid = 0, gid = 0, egid = 0, asid = 100000
    Feb  2 10:44:05 citadel smd[215]: Could not remove job "com.apple.Kerberos.kcm": 150: Operation not permitted while System Integrity Protection is engaged
    Feb  2 10:44:05 citadel Unknown[1860]: assertion failed: 15D21: ServiceManagement + 5507 [3777FD15-B6F3-32A2-A8E3-3E8CE3B8D5E7]: 0x96
    Feb  2 10:44:05 citadel servermgr_dirserv[1860]: servermgr_dirserv: an error occurred when starting the Directory Server: Unable to restart 1 of the Kerberos daemon:  unable to stop kcm - The operation couldn\u2019t be completed. (CFErrorDomainLaunchd error 2.)
    Feb  2 10:44:05 citadel Server[1084]: Error: The server '127.0.0.1' reported an error while processing a command of type: 'setState' in plug-in: 'servermgr_dirserv'. Error: Error Domain=XSActionErrorDomain Code=0 "Onbekende fout" UserInfo={NSLocalizedDescription=Onbekende fout}
    Feb  2 10:44:06 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[1967]): Service exited with abnormal code: 1
    Feb  2 10:44:06 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:07 citadel xscertd-helper[1968]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:44:07 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[1968]): Service exited with abnormal code: 1
    Feb  2 10:44:07 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:16 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[1984]): Service exited with abnormal code: 1
    Feb  2 10:44:16 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:17 citadel xscertd-helper[1987]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:44:17 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[1987]): Service exited with abnormal code: 1
    Feb  2 10:44:17 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:27 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[1999]): Service exited with abnormal code: 1
    Feb  2 10:44:27 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:27 citadel xscertd-helper[2001]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:44:27 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[2001]): Service exited with abnormal code: 1
    Feb  2 10:44:27 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:30 citadel com.apple.xpc.launchd[1] (com.openssh.sshd.60D583F6-48E0-4FFD-AD83-1918BCD1AED7[1997]): Service exited with abnormal code: 255
    Feb  2 10:44:37 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[2017]): Service exited with abnormal code: 1
    Feb  2 10:44:37 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:37 citadel xscertd-helper[2018]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:44:37 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[2018]): Service exited with abnormal code: 1
    Feb  2 10:44:37 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:47 citadel com.apple.xpc.launchd[1] (org.openldap.slapd[2035]): Service exited with abnormal code: 1
    Feb  2 10:44:47 citadel com.apple.xpc.launchd[1] (org.openldap.slapd): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    Feb  2 10:44:47 citadel xscertd-helper[2036]: ldap_search_ext_s returned -1 - Can't contact LDAP server when searching for bdb suffix, exiting
    Feb  2 10:44:47 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper[2036]): Service exited with abnormal code: 1
    Feb  2 10:44:47 citadel com.apple.xpc.launchd[1] (com.apple.xscertd-helper): Service only ran for 0 seconds. Pushing respawn out by 10 seconds.
    
    

     

    My guess is some database got corrupted

  • by SquirrelMac,

    SquirrelMac SquirrelMac Feb 2, 2016 3:43 AM in response to dmltv
    Level 1 (5 points)
    Mac OS X
    Feb 2, 2016 3:43 AM in response to dmltv

    I'm also having trouble starting my OD on one of my servers.

     

    Error i'm seeing is "Can't contact LDAP server when searching for bdb, exiting"

     

    I'm running server 5.0.15 on 10.10.5 though.

  • by SquirrelMac,

    SquirrelMac SquirrelMac Feb 3, 2016 1:01 AM in response to SquirrelMac
    Level 1 (5 points)
    Mac OS X
    Feb 3, 2016 1:01 AM in response to SquirrelMac

    Any luck with this issue? I'm reluctant to destroy the LDAP if we can find another way around this.

  • by SquirrelMac,

    SquirrelMac SquirrelMac Feb 4, 2016 2:50 AM in response to SquirrelMac
    Level 1 (5 points)
    Mac OS X
    Feb 4, 2016 2:50 AM in response to SquirrelMac

    As this thread has gone dead, i think i'll demote the server and restore from archive.

  • by reusensj,

    reusensj reusensj May 24, 2016 1:34 PM in response to SquirrelMac
    Level 1 (4 points)
    May 24, 2016 1:34 PM in response to SquirrelMac

    I have the same problem using contacts or mail on my mac but it works perfectly with following applications on the same mac:

    - thunderbird

    - outlook

    This is clearly a bug in Mail and Contacts.

    So for now I've stopped using Mail and Contacts on my mac but I"m using Outlook (?!?) from Microsoft!!!