Updating your LDAP indices
by Imre Jonk
Hi all,
A recent change to the default LDAP indices [1] requires that you manually update your olcDbIndex attributes before running the debops.slapd role. This is because the role can only add olcDbIndex attributes, not modify them.
To do this, simply upload the attached LDIF file to your slapd server and run ldapmodify as root to update the cn=config database:
# ldapmodify -Y EXTERNAL -H ldapi:/// -f indices.ldif
This will update the olcDbIndex attributes of the "olcDatabase={1}mdb,cn=config" entry. You should be able to run the debops.slapd role afterwards.
Note however that this does not update existing indices. If you want to use the new indices in your search filters, you should re-index your database with slapindex(8). This requires database downtime. The procedure is described in the OpenLDAP FAQ [2].
[1] https://github.com/debops/debops/commit/1e17d0997ede2368b2f19d833a9bad028...
[2] https://www.openldap.org/faq/data/cache/136.html
2 years, 9 months
