Opened 11 years ago

Last modified 10 years ago

#184 new enhancement

LDAP database consistency check

Reported by: ezyang Owned by:
Priority: normal Milestone:
Component: internals Keywords:
Cc:

Description

We should perform periodic consistency checks between the LDAP databases; in particular, this is a good thing to do after a server has crashed. Here's one very simple way you can do it that appears to work in practice:

[root@old-faithful ~]# cat > test.sh
#!/bin/sh
sort $2 | sha1sum -
[root@old-faithful ~]# chmod a+x test.sh
[root@old-faithful ~]# VISUAL=./test.sh ldapvi -b dc=scripts,dc=mit,dc=edu
  14878 entries read                                                                                                                             
1b7f526e87314b5a9fac5edaa2c65f860e467db5  -
No changes.

More robust methods may be possible. This is a good candidate for script-ifying or putting into Nagios.

Change History (2)

comment:1 Changed 11 years ago by mitchb

As we've discussed before, this isn't correct, because replication is asynchronous. It's good to do as a check when nothing's going on to sanity-check consistency after a crash, but it's wrong to tell Nagios that something's wrong if a change hasn't propagated all over yet. Nagios already checks for replication errors.

comment:2 Changed 10 years ago by ezyang

  • Keywords easy removed

"Not so easy."

Note: See TracTickets for help on using tickets.