OpenLDAP – How to Index Existing Values


I have an LDAP database that has been used for some time. Naturally, it is full of entries.

I recently tried to set up an index for uid to help searching. I added the following to my slapd.conf file:

include         /etc/openldap/schema/core.schema
database bdb
suffix "dc=domain,dc=net"
directory /var/lib/ldap
index uid eq,pres


I then ran slapindex:

slapindex -f /etc/openldap/slapd.conf -b "dc=jhc,dc=net" uid

But this didn't seem to do it. I don't know if this part is correct, but to make any progress the only thing that worked seemed to be adding the following line to a db ldif file in /etc/openldap/slapd.d/cn=config/:

olcDbIndex: uid pres,eq

I then ran the slapindex again and started ldap. Searching for a uid is now much faster but doesn't give me a result on entries that were already in the db; only new entries show when I do an ldapsearch and filter for the uid. For reference, the search is below, but I have taken out details of my ldap server:

ldapsearch -D "cn=admin,dc=domain,dc=net" -b "cn=users,dc=domain,dc=net" "(uid=newuser)"

What am I missing to get entries that already exist to be indexed?

Best Answer

For anyone with this issue, the solution is to essentially migrate your DB and add in the new index attribute to the config.ldif file. For me this was done by running:

slapcat -n 0 -l config.ldif
slapcat -n 2 -l data.ldif

Then remove the files in /etc/openldap/slapd.d and /usr/local/openldap/.

Edit the config.ldif file and add in your index value. If you have other index values, just copy them. For me it looked like this:

olcDbIndex: uid eq

The final step is to add your DB back with your two ldif files:

slapadd -c -F /etc/openldap/slapd.d -n 0 -l config.ldif
slapadd -c -F /etc/openldap/slapd.d -n 2 -l data.ldif

You should be able to start ldap now. Make sure your ldap user is the owner of the openldap folders and its contents.
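
The config.ldif edit from the answer above, as an added example that is not part of the original answer: it appends the index to the database entry of a `slapcat -n 0` export only when that attribute is not already indexed there. The function names `add_olc_index` and `sample_config` and the sample export are hypothetical; it assumes plain (not base64) `dn:` lines and database number 2, as in the answer's `slapcat -n 2`.

```shell
# Added example: put an olcDbIndex value on one database entry of a
# slapcat -n 0 export. Usage: add_olc_index FILE DB_NUMBER ATTRIBUTE TYPES
# (FILE may be "-" for standard input; the result goes to standard output).
add_olc_index() {
    awk -v db="$2" -v attr="$3" -v types="$4" '
    function flush_entry() {
        # Append the index as the last attribute of the target entry.
        if (in_target && !indexed) print "olcDbIndex: " attr " " types
        in_target = 0; indexed = 0
    }
    /^$/ { flush_entry(); print; next }    # a blank line ends an LDIF entry
    /^dn: / {
        # Only the database entry itself; overlay DNs start with olcOverlay=.
        in_target = (index($0, "dn: olcDatabase={" db "}") == 1)
    }
    in_target && /^olcDbIndex: / {
        # "olcDbIndex: uid,cn eq" indexes every attribute in the first field.
        n = split($2, names, ",")
        for (i = 1; i <= n; i++)
            if (tolower(names[i]) == tolower(attr)) indexed = 1
    }
    { print }
    END { flush_entry() }                  # export may lack a final blank line
    ' "$1"
}

# Constructed sample of a slapcat -n 0 export (not taken from the page).
sample_config() {
    cat <<'EOF'
dn: olcDatabase={1}monitor,cn=config
objectClass: olcDatabaseConfig
olcDatabase: {1}monitor

dn: olcDatabase={2}bdb,cn=config
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcSuffix: dc=domain,dc=net
olcDbDirectory: /var/lib/ldap
olcDbIndex: objectClass eq,pres
EOF
}

# Demo: the uid index is added to the {2} entry and nowhere else.
sample_config | add_olc_index - 2 uid eq
```

Write the output to a new file and give that file to `slapadd -n 0`, keeping the original export as a backup.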
