Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Reply
 
Thread Tools Search this Thread Display Modes
Old Apr 16, 2013, 09:38 AM   #1
DJLC
macrumors 6502
 
Join Date: Jul 2005
Location: Mooresville, NC
Send a message via AIM to DJLC Send a message via MSN to DJLC Send a message via Yahoo to DJLC Send a message via Skype™ to DJLC
LDAP Issues

So, today has been a massive headache...

I get in to work. AFP is down; nobody can connect. Restarting the service via Server.app didn't help, so I just rebooted the Xserve completely.

Upon boot, LDAP was no longer functional at all. Slapd exits with this error:
Code:
bdb_db_open: database "cn=authdata": db_open(/var/db/openldap/authdata/id2entry.bdb) failed: Invalid argument (22).
I do have a nightly OD backup run by launchd. Unfortunately I was unable to figure out the password to mount the sparseimages that SH script creates. No evidence of the password is in the script, and none of the obvious choices worked.

In a desperate attempt to get things going, I decided to try swapping in the id2entry.bdb file from a system clone I made a few months ago. Not much (if anything) has changed in our directory, after all. LDAP is now functional, but the log is filling itself with:
Code:
SASL [conn=19092] Failure: incorrect digest response
I left a voicemail with our Apple server consultant. Things are mostly working aside from our usual issues with passwords being wiped out and managed preferences being ignored. But meanwhile, can anyone tell me what broke / what kind of sins I committed when I "fixed" it?
__________________
-John Mairs
DJLC is offline   0 Reply With Quote
Old Apr 16, 2013, 09:45 AM   #2
Shrink
macrumors Demi-God
 
Shrink's Avatar
 
Join Date: Feb 2011
Location: New England, USA
I thought your title said LAPD...and I thought, oh, no...not another LA police problem!!
__________________
Two things are infinite, the universe and human stupidity; and I'm not sure about the universe. -- Albert Einstein
Shrink is online now   0 Reply With Quote
Old Apr 16, 2013, 10:56 AM   #3
DJLC
Thread Starter
macrumors 6502
 
Join Date: Jul 2005
Location: Mooresville, NC
Send a message via AIM to DJLC Send a message via MSN to DJLC Send a message via Yahoo to DJLC Send a message via Skype™ to DJLC
I'd welcome LAPD-style brutality toward OS X Server...
__________________
-John Mairs
DJLC is offline   0 Reply With Quote
Old Apr 17, 2013, 08:03 AM   #4
DJLC
Thread Starter
macrumors 6502
 
Join Date: Jul 2005
Location: Mooresville, NC
Send a message via AIM to DJLC Send a message via MSN to DJLC Send a message via Yahoo to DJLC Send a message via Skype™ to DJLC
Also, fixed...

Figured out the password for the OD backup archives finally. Restored Friday's backup via Server Admin. All good + clean logs!
__________________
-John Mairs
DJLC is offline   0 Reply With Quote
Old Apr 18, 2013, 10:56 AM   #5
rlkarren
macrumors newbie
 
Join Date: Jan 2013
I would add another layer of protection by implementing an OD Replica. In the instance of failure, simply promote the replica to a master and it will continue where the other left off.

Basically, server1 goes down, server2 takes over. make Server1 a copy of server2, then shutdown server2 and server1 takes over again. promote server1 back to Master. return server2 to replica status

Any Mac will do, even a VM.

IIRC, the Server Admin Manual indicated that replicas were preferred and that all traffic should be routed to the replicas, so that in the case of failure, the Master is untouched.

just my $0.02, trying to be helpful.. ;-)
rlkarren is offline   0 Reply With Quote
Old Apr 18, 2013, 01:44 PM   #6
DJLC
Thread Starter
macrumors 6502
 
Join Date: Jul 2005
Location: Mooresville, NC
Send a message via AIM to DJLC Send a message via MSN to DJLC Send a message via Yahoo to DJLC Send a message via Skype™ to DJLC
Something similar is definitely on my to-do list! We have a Windows server at a nearby location and the two locations will be connected in a 100Mbps WAN this summer. The plan is to move to an AD/OD mix, with the Windows server handling authentication + RADIUS and the Xserve just kicking in for profile management and AFP. It's become clear to me that OS X Server isn't really suited to run its own domain.
__________________
-John Mairs
DJLC is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 07:24 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC