Linux Scroll


Repair ldap database "Can not connect to LDAP Server!"

If you are experiencing LDAP errors (for example, all authentication fails or “Can not connect to LDAP Server!”), work through the following steps.

Step 1: Restart the LDAP server:

$ /etc/init.d/ldap restart

Step 2: Repair the LDAP database:
(1) Stop the LDAP server:

$ /etc/init.d/ldap stop

(2) Perform the recovery:
(a) On Red Hat, CentOS, Fedora:

$ /usr/sbin/slapd_db_recover -h /var/lib/ldap

(b) On SLES, openSUSE:

$ db_recover -h /var/lib/ldap

(3) Reboot the machine.

In the event that the problems persist after running the above procedure, use the following procedure.

Step 3:
(1) Stop the LDAP server:

$ /etc/init.d/ldap stop

$ killall slapd

(2) Make a backup of the LDAP files:

$ tar -cvzf ldap.tar.gz /var/lib/ldap/*

Back up ldap.tar.gz: keep a copy outside /var/lib/ldap, because step 6 deletes everything in that directory.

(3) Perform a recovery:
(a) On Red Hat, CentOS, Fedora:

$ /usr/sbin/slapd_db_recover -h /var/lib/ldap

(b) On SLES, openSUSE:

$ db_recover -h /var/lib/ldap -v

(4) Dump the directory structure to a text file:

$ slapcat -l ldap.ldif

(Sometimes you need to delete all bdb files except “dn2id” and “id2entry” before slapcat is able to dump the files.)

(5) Verify that the resultant file (ldap.ldif) contains directory entries.
If it does not, or if slapcat returned errors in step 4, try running db_recover in catastrophic mode:

$ db_recover -h /var/lib/ldap -v -c

(6) Delete the corrupted LDAP directory with the following command:

$ rm -fr /var/lib/ldap/*

(7) Recreate the DB_CONFIG file, which contains some basic information for the bdb backend:

$ echo -en "set_cachesize 0 15000000 1\nset_lg_bsize 2097152\n" >/var/lib/ldap/DB_CONFIG

By default, this file exists only on SLES9.

(8) Reload the LDAP directory from the ldap.ldif file you produced in step 4 with the following command:

$ slapadd -l ldap.ldif

(9) The files have to be owned by the user “ldap”, so run:

$ chown -R ldap: /var/lib/ldap

(10) Start the LDAP server:

$ /etc/init.d/ldap start

Test: If the command “ldapsearch -x uid=mailadmin” returns any results, everything went well.
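
The check in step 5 can be scripted so that the deletion in step 6 only runs when the dump from step 4 looks usable. This is an added example, not part of the original post: the function names are hypothetical, and treating an entry without an objectClass line as a sign of a truncated dump is a heuristic assumed here.

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check the slapcat dump
# from step 4 before the rm in step 6. Function names are hypothetical.

# Print "<entries> <entries without objectClass>" for an LDIF file.
# Assumption: every healthy entry carries at least one objectClass line, so an
# entry without one points at a truncated or damaged dump.
ldif_stats() {
    awk '
        /^dn:/ {                       # "dn:" or base64 "dn::" opens an entry
            if (in_entry && !has_oc) bad++
            entries++; in_entry = 1; has_oc = 0
        }
        tolower($0) ~ /^objectclass:/ { has_oc = 1 }
        END {
            if (in_entry && !has_oc) bad++
            print entries + 0, bad + 0
        }
    ' "$1"
}

# Succeed only if FILE is non-empty, holds at least MIN entries (default 1)
# and has no entry lacking objectClass. Usage: ldif_safe_to_reload FILE [MIN]
ldif_safe_to_reload() {
    lsr_file=$1
    lsr_min=${2:-1}
    [ -s "$lsr_file" ] || { echo "missing or empty: $lsr_file" >&2; return 1; }
    lsr_stats=$(ldif_stats "$lsr_file")
    lsr_entries=${lsr_stats% *}
    lsr_bad=${lsr_stats#* }
    [ "$lsr_entries" -ge "$lsr_min" ] || {
        echo "only $lsr_entries entries, expected >= $lsr_min" >&2; return 1; }
    [ "$lsr_bad" -eq 0 ] || {
        echo "$lsr_bad entries without objectClass" >&2; return 1; }
    echo "$lsr_entries entries look complete"
}

# Intended use between steps 5 and 6 (left commented out on purpose):
#   ldif_safe_to_reload ldap.ldif || exit 1
```

If you know roughly how many entries the directory held, pass that number as the second argument so that a dump that is well-formed but far too short is rejected as well.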

