Hello dear list, Please try respond to this post, because that's very important for out project to fix described problem!
We are trying to configure access logging in my OpenLDAP server (version is 2.3.27) using slapo-accesslog overlay. In slapd.conf I have configured accesslog database according to manual: database bdb suffix "cn=accesslog" rootdn "cn=root,cn=accesslog" rootpw accesslog index reqStart eq database bdb suffix "dc=main_domain,dc=com" checkpoint 1024 5 cachesize 10000 rootdn "cn=Administrator,dc=main_domain,dc=com" overlay accesslog logdb "cn=accesslog" logops writes logold (objectclass=person) In previous version of slapd.conf there was also slapo-refint overlay enabled to support 'uniqueMember' attribute update after member entry is renamed or deleted: overlay refint refint_attributes uniqueMember After turning on access logging I inspect the following problem: I create 2 users (objectclass=person) and a group (objectclass=groupOfUniqueNames), then I add both users to that group (add users DN values to uniqueMember attribute). Next I'm trying to rename (or delete) one of the member users and... LDAP hangs up with no response. When I connect once again, then I see that action was performed (user is renamed or deleted, but old member reference is present in group attributes). However, I'm not able to modify directory (that is add some new entry, modify attribute value etc) LDAP hangs up on any attempt and only OpenLDAP restart helps. Last note is that this problem appears only when both accesslog and refint are enabled. Separately they are working as expected. Does anybody have an idea about the reason of such a problem? We tried to find some useful information in logs, but nothing is there (maybe we just looked in wrong place) Maybe it's possbile to configure access-log to use database on different LDAP server? Maybe that could help? Please help! We need to have this working together! Thanks in advance, Alina.
