Ugh, sorry had a typo, each attribute is specified with "-t". So
replace the "-a" with a "-t":
db2index.pl <http://db2index.pl> -D "cn=directory manager" -w Nur09089
-n userroot -t changenumber:eq -t targetuniqueid:eq
Mark
On 3/28/22 3:44 PM, Kathy Zhu wrote:
Hi Mark,
Thank you! After modifying the DB, when tried to index, I ran into:
[root@ipa2 ~]# db2index.pl <http://db2index.pl> -D "cn=directory
manager" -w Nur09089 -n userroot -t changenumber:eq -a targetuniqueid:eq
ERROR - Unknown option: -a
Usage: db2index.pl <http://db2index.pl> [-Z serverID] [-D rootdn] { -w
password | -w - | -j filename } [-P protocol]
-n backendname [-t attributeName[:indextypes[:matchingrules]]] [-T
vlvTag] [-h]
Options:
-D rootdn - Directory Manager
-w password - Directory Manager's password
-w -- Prompt for Directory Manager's password
-j filename - Read Directory Manager's password from file
-Z serverID - Server instance identifer
-n backendname- Backend database name.Example: userRoot
-t attributeName[:indextypes[:matchingrules]]
- attributeName: name of the attribute to be indexed
If omitted, all the indexes defined for that instance are generated.
- indextypes: comma separated index types
- matchingrules: comma separated matrules
Example: -t foo:eq,pres
-T vlvTag - VLV index name
-P protocol - STARTTLS, LDAPS, LDAPI, LDAP (default: uses most secure
protocol available)
-h- Display usage
[root@ipa2 ~]#
I am not familar with 389 DB, worry about making mistake here. Will
you please help with the syntax? Thanks.
Kathy.
On Mon, Mar 28, 2022 at 11:44 AM Mark Reynolds <[email protected]>
wrote:
Kathy,
You need to make sure there are equality indexes for the following
attributes:
* changenumber
* targetuniqueid
Run these commands on all your servers:
# ldapmodify -D "cn=directory manager" -W
dn: cn=changenumber,cn=index,cn=userroot,cn=ldbm
database,cn=plugins,cn=config
changetype: add
objectClass: top
objectClass: nsIndex
cn: changenumber
nsSystemIndex: false
nsIndexType: eq
# ldapmodify -D "cn=directory manager" -W
dn: cn=targetuniqueid,cn=index,cn=userroot,cn=ldbm
database,cn=plugins,cn=config
changetype: add
objectClass: top
objectClass: nsIndex
cn: targetuniqueid
nsSystemIndex: false
nsIndexType: eq
You might already have one of these indexes already present, so if
you get an error 68 (already exists) it's ok. I think
changenumber is already present, but targetuniqueid is the one
that is missing.
Then you need to index these attributes:
# db2index.pl <http://db2index.pl> -D "cn=directory manager"
-w - -n userroot -t changenumber:eq -a targetuniqueid:eq
That should do it.
HTH,
Mark
On 3/28/22 1:50 PM, Kathy Zhu via FreeIPA-users wrote:
Happy Monday, List!
On my IPA server, top shows dirsrv using lots of resources, when
checking, I found this:
[root@ipa2 ~]# systemctl status [email protected] -l
...
Mar 28 09:29:56 ipa2.example.com <http://ipa2.example.com>
ns-slapd[1945]: [28/Mar/2022:09:29:56.142846906 -0700] - NOTICE -
ldbm_back_search - Internal unindexed search: source
(cn=server,cn=plugins,cn=config) search base="cn=changelog"
scope=2
filter="(&(changenumber>=-1)(targetuniqueid=7315af86-7b1911e8-83e6fb86-bfdbf4a5))"
conn=0 op=0
Mar 28 09:31:14 ipa2.example.com <http://ipa2.example.com>
ns-slapd[1945]: [28/Mar/2022:09:31:14.176933263 -0700] - ERR -
log_result - Internal unindexed search: source
(cn=server,cn=plugins,cn=config) search base="cn=changelog"
filter="(&(changenumber>=-1)(targetuniqueid=7315af86-7b1911e8-83e6fb86-bfdbf4a5))"
etime=78.977553767 nentries=459824notes=A
Mar 28 09:31:23 ipa2.example.com <http://ipa2.example.com>
ns-slapd[1945]: [28/Mar/2022:09:31:23.311185621 -0700] - NOTICE -
ldbm_back_search - Internal unindexed search: source
(cn=server,cn=plugins,cn=config) search base="cn=changelog"
scope=2
filter="(&(changenumber>=-1)(targetuniqueid=7315af86-7b1911e8-83e6fb86-bfdbf4a5))"
conn=0 op=0
...
Googled and found this bug -
https://bugzilla.redhat.com/show_bug.cgi?id=1951020
However, the bug is for Red Hat 8.3 while we are in Centos 7.9:
CentOS Linux release 7.9.2009 (Core)
ipa-*server*.x86_64 4.6.8-5.el7.centos.7
*slapi-nis*.x86_640.56.5-3.el7_9
*389*-ds-base.x86_641.3.10.2-12.el7_9
*389*-ds-base-libs.x86_64 1.3.10.2-12.el7_9
Any idea of what's going on and how to fix it?
Thanks!
Kathy.
_______________________________________________
FreeIPA-users mailing list [email protected]
To unsubscribe send an email [email protected]
Fedora Code of
Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines
List
Archives:https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report
it:https://pagure.io/fedora-infrastructure
--
Directory Server Development Team
--
Directory Server Development Team
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
