Monday, June 24, 2013

Fixing "bdb_equality_candidates" errors on your OpenLDAP server

Repost from

  1. Stop the LDAP server:
    sudo stop slapd
  2. Open the right OpenLDAP config file with an editor:
    sudo vi /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{1\}hdb.ldif
  3. Add new lines (after the one with olcDbIndex: objectClass eq in it) for the missing indexes.
    olcDbIndex: cn eq
    olcDbIndex: gidNumber eq
    olcDbIndex: memberUid eq
    olcDbIndex: uid eq
    olcDbIndex: uidNumber eq
    olcDbIndex: uniqueMember eq
  4. Run the OpenLDAP indexer for your configuration:
    sudo -u openldap slapindex -F /etc/ldap/slapd.d/
  5. Start the LDAP server:
    sudo start slapd
PS: don't forget to back up your OpenLDAP database (in /var/lib/ldap) before you touch it.
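
To work out which lines step 3 needs on your own server, the sketch below (an added example, not part of the original post) pulls the attribute names out of slapd's "bdb_equality_candidates: (attr) not indexed" log messages and prints an olcDbIndex line for each one the LDIF does not index yet. The function name missing_indexes, the file names and the sample log lines are constructed for illustration; pass your real syslog file and the LDIF from step 2.

```shell
#!/bin/sh
# missing_indexes LOGFILE LDIF  (hypothetical helper, not an OpenLDAP tool)
# Prints "olcDbIndex: <attr> eq" for every attribute slapd logged as
# "not indexed" that has no olcDbIndex line in the database LDIF.
# Assumption: any existing index line naming the attribute counts as present.
missing_indexes() {
    mi_log=$1
    mi_ldif=$2
    # slapd logs: <= bdb_equality_candidates: (uid) not indexed
    sed -n 's/.*bdb_equality_candidates: (\([^)]*\)) not indexed.*/\1/p' "$mi_log" |
        sort -u |
        while read -r mi_attr; do
            # olcDbIndex values look like "attr[,attr...] type[,type...]"
            if ! awk -v a="$mi_attr" '
                tolower($1) == "olcdbindex:" {
                    n = split($2, names, ",")
                    for (i = 1; i <= n; i++)
                        if (tolower(names[i]) == tolower(a)) found = 1
                }
                END { exit !found }' "$mi_ldif"; then
                printf 'olcDbIndex: %s eq\n' "$mi_attr"
            fi
        done
}

# Constructed sample data, not taken from a real server.
demo() {
    d=$(mktemp -d)
    cat > "$d/syslog" <<'EOF'
Jun 24 10:00:01 ldap1 slapd[1234]: <= bdb_equality_candidates: (uid) not indexed
Jun 24 10:00:02 ldap1 slapd[1234]: <= bdb_equality_candidates: (memberUid) not indexed
Jun 24 10:00:03 ldap1 slapd[1234]: <= bdb_equality_candidates: (uid) not indexed
Jun 24 10:00:04 ldap1 slapd[1234]: <= bdb_equality_candidates: (cn) not indexed
EOF
    cat > "$d/hdb.ldif" <<'EOF'
olcDbIndex: objectClass eq
olcDbIndex: cn eq
EOF
    missing_indexes "$d/syslog" "$d/hdb.ldif"
    rm -rf "$d"
}
demo
```

Only attributes that are actually searched and still unindexed are printed, so the LDIF does not pick up indexes the server never uses.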