After restoring an OpenLDAP server I found these lines in the logs:
Mar 5 06:50:03 ldap slapd[4815]: <= bdb_equality_candidates: (uidNumber) index_param failed (13) Mar 5 06:50:04 ldap slapd[4815]: <= bdb_equality_candidates: (uid) index_param failed (13)
This means OpenLDAP is query’ing its database, but found no index for fields it often uses. In this case ‘uid’ and ‘uidNumber’. It seems due to restoring the backup, these indexes got lost. Here is how to add the indexes again:
Stop the OpenLDAP server:
/etc/init.d/slapd stop
Open the config file where we’ll add the indexes:
vim /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{1\}hdb.ldif
Add the new indexes, after the first ‘olcDbIndex: objectClass eq in’ line. In my case this was in the file:
... olcDbIndex: objectClass eq ...
And I changed that to:
... olcDbIndex: objectClass eq olcDbIndex: uid eq olcDbIndex: uidNumber eq olcDbIndex: uniqueMember eq olcDbIndex: gidNumber eq ...
Be sure not to touch other settings in that file. Just add the lines after the first index. After that, make sure to reindex the database:
slapindex -F /etc/ldap/slapd.d/
Since I ran that as root user, I need to fix permissions afterwards:
chown -R openldap:openldap /var/lib/ldap
Make sure when you do a ‘ls -la’ on /var/lib/ldap, all files (including the folder itself) are owner and group ‘openldap’, otherwise OpenLDAP will not start.
Now it’s time to start OpenLDAP again:
/etc/init.d/slapd start
And all should be well again! When it does not start and look like this:
PANIC: fatal region error detected; run recovery
Be sure to check the permissions as stated above!
for debian -> http://d.hatena.ne.jp/labunix/20130421
Hi, after change the file, when I run slapindex -F /etc/ldap/slapd.d/, I get a error:
ldif_read_file: checksum error on “/etc/ldap/slapd.d//cn=config/olcDatabase={1}hdb/ldif ”
Seems they no longer let user to modify this file……
can anyone help?
Revert the change you just made, because this procedure just doesn’t work on LDAP with Dynamic Config
For “ldif_read_file: checksum error”
https://www.tools4noobs.com/online_php_functions/crc32/