Kathy,
You need to make sure there are equality indexes for the following
attributes:
* changenumber
* targetuniqueid
Run these commands on all your servers:
# ldapmodify -D "cn=directory manager" -W
dn: cn=changenumber,cn=index,cn=userroot,cn=ldbm
database,cn=plugins,cn=config
changetype: add
objectClass: top
objectClass: nsIndex
cn: changenumber
nsSystemIndex: false
nsIndexType: eq
# ldapmodify -D "cn=directory manager" -W
dn: cn=targetuniqueid,cn=index,cn=userroot,cn=ldbm
database,cn=plugins,cn=config
changetype: add
objectClass: top
objectClass: nsIndex
cn: targetuniqueid
nsSystemIndex: false
nsIndexType: eq
You might already have one of these indexes already present, so if you
get an error 68 (already exists) it's ok. I think changenumber is
already present, but targetuniqueid is the one that is missing.
Then you need to index these attributes:
# db2index.pl -D "cn=directory manager" -w - -n userroot -t
changenumber:eq -a targetuniqueid:eq
That should do it.
HTH,
Mark
On 3/28/22 1:50 PM, Kathy Zhu via FreeIPA-users wrote:
Happy Monday, List!
On my IPA server, top shows dirsrv using lots of resources, when
checking, I found this:
[root@ipa2 ~]# systemctl status [email protected] -l
...
Mar 28 09:29:56 ipa2.example.com <http://ipa2.example.com>
ns-slapd[1945]: [28/Mar/2022:09:29:56.142846906 -0700] - NOTICE -
ldbm_back_search - Internal unindexed search: source
(cn=server,cn=plugins,cn=config) search base="cn=changelog" scope=2
filter="(&(changenumber>=-1)(targetuniqueid=7315af86-7b1911e8-83e6fb86-bfdbf4a5))"
conn=0 op=0
Mar 28 09:31:14 ipa2.example.com <http://ipa2.example.com>
ns-slapd[1945]: [28/Mar/2022:09:31:14.176933263 -0700] - ERR -
log_result - Internal unindexed search: source
(cn=server,cn=plugins,cn=config) search base="cn=changelog"
filter="(&(changenumber>=-1)(targetuniqueid=7315af86-7b1911e8-83e6fb86-bfdbf4a5))"
etime=78.977553767 nentries=459824notes=A
Mar 28 09:31:23 ipa2.example.com <http://ipa2.example.com>
ns-slapd[1945]: [28/Mar/2022:09:31:23.311185621 -0700] - NOTICE -
ldbm_back_search - Internal unindexed search: source
(cn=server,cn=plugins,cn=config) search base="cn=changelog" scope=2
filter="(&(changenumber>=-1)(targetuniqueid=7315af86-7b1911e8-83e6fb86-bfdbf4a5))"
conn=0 op=0
...
Googled and found this bug -
https://bugzilla.redhat.com/show_bug.cgi?id=1951020
However, the bug is for Red Hat 8.3 while we are in Centos 7.9:
CentOS Linux release 7.9.2009 (Core)
ipa-*server*.x86_64 4.6.8-5.el7.centos.7
*slapi-nis*.x86_640.56.5-3.el7_9
*389*-ds-base.x86_641.3.10.2-12.el7_9
*389*-ds-base-libs.x86_64 1.3.10.2-12.el7_9
Any idea of what's going on and how to fix it?
Thanks!
Kathy.
_______________________________________________
FreeIPA-users mailing list [email protected]
To unsubscribe send an email [email protected]
Fedora Code of
Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines
List
Archives:https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report
it:https://pagure.io/fedora-infrastructure
--
Directory Server Development Team
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
