Friday, June 13, 2014

LDAP -bi_db_open failed

If you try to start your OpenLDAP process and it fails, and you see the following errors in your log file:

Jun 11 21:44:36 server slapd[16170]: hdb_db_open: database "dc=mydomain,dc=com" cannot be opened, err 13. Restore from backup!
Jun 11 21:44:36 server slapd[16170]: bdb(dc=mydomain,dc=com): txn_checkpoint interface requires an environment configured for the transaction subsystem
Jun 11 21:44:36 server slapd[16170]: bdb_db_close: database "dc=mydomain,dc=com": txn_checkpoint failed: Invalid argument (22).
Jun 11 21:44:36 server slapd[16170]: backend_startup_one (type=hdb, suffix="dc=mydomain,dc=com"): bi_db_open failed! (13)
Jun 11 21:44:36 server slapd[16170]: bdb_db_close: database "dc=mydomain,dc=com": alock_close failed

This means OpenLDAP is querying its database but finds no index for fields it often uses. You can add indexes with the following steps:

Open the config file where we’ll add the indexes:
# vim /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{1\}hdb.ldif
Add the new indexes after the first ‘olcDbIndex: objectClass eq’ line. In my case this was in the file:
...
olcDbIndex: objectClass eq
...

And I changed that to:
...
olcDbIndex: objectClass eq
olcDbIndex: uid eq
olcDbIndex: uidNumber eq
olcDbIndex: uniqueMember eq
olcDbIndex: gidNumber eq
...

Then you do a reindex:
# slapindex -F /etc/ldap/slapd.d/

Double check permissions on /var/lib/ldap and make sure all files are owned by user "openldap":

Now restart slapd and all should be good.
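
The ownership check from the step above, as an added example that is not part of the original post: when slapindex is run as root, the files it creates under /var/lib/ldap belong to root, and slapd running as "openldap" can then fail to open them. The function names are hypothetical; the default path and user are the ones named in the post.

```shell
#!/bin/sh
# Added example: verify ownership of the slapd database directory
# after running slapindex. Defaults are the path and user from the post.
LDAP_DIR="${LDAP_DIR:-/var/lib/ldap}"
LDAP_USER="${LDAP_USER:-openldap}"

# Print every file or directory under $1 that is NOT owned by user $2.
wrong_owner_files() {
    find "$1" ! -user "$2" -print
}

# Return 0 when everything under $1 is owned by $2, 1 when something is
# not, and 2 when the check itself could not run (for example, the user
# does not exist on this host). Offending paths are listed with owner.
check_ldap_owner() {
    dir=$1
    user=$2
    bad=$(wrong_owner_files "$dir" "$user") || {
        echo "could not check $dir for user $user" >&2
        return 2
    }
    if [ -z "$bad" ]; then
        echo "OK: everything under $dir is owned by $user"
        return 0
    fi
    echo "Not owned by $user (slapd may be unable to open these):"
    echo "$bad" | while IFS= read -r f; do
        ls -ld "$f"
    done
    return 1
}

# Run against the default directory when it exists on this host.
if [ -d "$LDAP_DIR" ]; then
    check_ldap_owner "$LDAP_DIR" "$LDAP_USER" || true
fi
```

Run it as root after the reindex and before restarting slapd; any path it lists needs its owner set back to the slapd user.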
