Apr 16, 2013, 10:38 AM   #1
DJLC
macrumors 6502
 
Join Date: Jul 2005
Location: Mooresville, NC
LDAP Issues

So, today has been a massive headache...

I get in to work. AFP is down; nobody can connect. Restarting the service via Server.app didn't help, so I just rebooted the Xserve completely.

Upon boot, LDAP was no longer functional at all. Slapd exits with this error:
Code:
bdb_db_open: database "cn=authdata": db_open(/var/db/openldap/authdata/id2entry.bdb) failed: Invalid argument (22).
I do have a nightly OD backup run by launchd. Unfortunately I was unable to figure out the password to mount the sparseimages that SH script creates. No evidence of the password is in the script, and none of the obvious choices worked.

In a desperate attempt to get things going, I decided to try swapping in the id2entry.bdb file from a system clone I made a few months ago. Not much (if anything) has changed in our directory, after all. LDAP is now functional, but the log is filling itself with:
Code:
SASL [conn=19092] Failure: incorrect digest response
I left a voicemail with our Apple server consultant. Things are mostly working aside from our usual issues with passwords being wiped out and managed preferences being ignored. But meanwhile, can anyone tell me what broke / what kind of sins I committed when I "fixed" it?
__________________
-John Mairs
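
A small triage pass over slapd log output for the two messages quoted in the post above, as an added example that is not part of the original thread: it pulls the database suffix, file and errno out of a bdb_db_open failure and counts SASL digest failures per connection. The syslog prefixes, hostname, PIDs, the second connection ID and the sasl_threshold value are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in syslog style; only the message bodies come from the post.
SAMPLE_LOG = """\
Apr 16 08:02:11 xserve slapd[212]: bdb_db_open: database "cn=authdata": db_open(/var/db/openldap/authdata/id2entry.bdb) failed: Invalid argument (22).
Apr 16 09:40:03 xserve slapd[845]: SASL [conn=19092] Failure: incorrect digest response
Apr 16 09:40:04 xserve slapd[845]: SASL [conn=19092] Failure: incorrect digest response
Apr 16 09:40:09 xserve slapd[845]: SASL [conn=19093] Failure: incorrect digest response
Apr 16 09:41:00 xserve slapd[845]: slapd starting
"""

BDB_OPEN = re.compile(
    r'bdb_db_open: database "(?P<suffix>[^"]+)": '
    r'db_open\((?P<path>[^)]+)\) failed: (?P<reason>.+?) \((?P<errno>\d+)\)')
SASL_FAIL = re.compile(r'SASL \[conn=(?P<conn>\d+)\] Failure: (?P<reason>.+)$')


def triage(log_text):
    """Return (bdb_open_failures, digest_failures_per_conn) for slapd log text."""
    bdb, sasl = [], Counter()
    for line in log_text.splitlines():
        m = BDB_OPEN.search(line)
        if m:
            bdb.append((m["suffix"], m["path"], int(m["errno"])))
            continue
        m = SASL_FAIL.search(line)
        if m and "incorrect digest response" in m["reason"]:
            sasl[int(m["conn"])] += 1
    return bdb, dict(sasl)


def summarize(log_text, sasl_threshold=3):
    """Turn the triage counts into findings worth alerting on."""
    bdb, sasl = triage(log_text)
    findings = [f"database {s}: open of {p} failed (errno {e})"
                for s, p, e in bdb]
    total = sum(sasl.values())
    # sasl_threshold is an assumed tuning knob, not a value from the thread.
    if total >= sasl_threshold:
        findings.append(f"{total} SASL digest failures on {len(sasl)} connections")
    return findings


if __name__ == "__main__":
    for finding in summarize(SAMPLE_LOG):
        print(finding)
```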
Apr 16, 2013, 10:45 AM   #2
Shrink
macrumors Demi-God
 
Join Date: Feb 2011
Location: New England, USA
I thought your title said LAPD...and I thought, oh, no...not another LA police problem!!
__________________
Two things are infinite, the universe and human stupidity; and I'm not sure about the universe. -- Albert Einstein
Apr 16, 2013, 11:56 AM   #3
DJLC
Thread Starter
I'd welcome LAPD-style brutality toward OS X Server...
__________________
-John Mairs
Apr 17, 2013, 09:03 AM   #4
DJLC
Thread Starter
Also, fixed...

Figured out the password for the OD backup archives finally. Restored Friday's backup via Server Admin. All good + clean logs!
__________________
-John Mairs
Apr 18, 2013, 11:56 AM   #5
rlkarren
macrumors newbie
 
Join Date: Jan 2013
I would add another layer of protection by implementing an OD Replica. In the instance of failure, simply promote the replica to a master and it will continue where the other left off.

Basically, server1 goes down, server2 takes over. Make server1 a copy of server2, then shut down server2 and server1 takes over again. Promote server1 back to Master. Return server2 to replica status.

Any Mac will do, even a VM.

IIRC, the Server Admin Manual indicated that replicas were preferred and that all traffic should be routed to the replicas, so that in the case of failure, the Master is untouched.

Just my $0.02, trying to be helpful... ;-)
Apr 18, 2013, 02:44 PM   #6
DJLC
Thread Starter
Something similar is definitely on my to-do list! We have a Windows server at a nearby location and the two locations will be connected in a 100Mbps WAN this summer. The plan is to move to an AD/OD mix, with the Windows server handling authentication + RADIUS and the Xserve just kicking in for profile management and AFP. It's become clear to me that OS X Server isn't really suited to run its own domain.
__________________
-John Mairs