Worklog: More LDAP Indices

August 25, 2005

[Firefighting] More LDAP Indices

Last night I rebuilt the LDAP indices on ASHTI after adding an index for uidNumber.

Everything went fine, and the index rebuilt within about 7 minutes. Total downtime was maybe 20 minutes, what with turning off services and restarting them.

Turn off LDAP synchronization cron jobs on BARIS, KE, and SHANTI.

Turn off Sendmail on BARIS and TAIKA (they’re LDAP-capable, and I’d prefer no Sendmail to LDAP connection errors during the downtime).

Upload new index LDIF.

Block LDAP access on ASHTI to ports 389 and 636 in the packet filter.

Run the indexing command.

Then reverse as appropriate to come back out of it.

Posted by Rowan Littell at August 25, 2005 09:49 AM