While copying some LDAP databases to another environment I faced several issues. Here I’ll leave a list of useful things to do or check every time we need to perform this kind of task.

Because I’m working with LDAP 2.4, you’ll notice that I’m using the new «DIT» format (cn=config) instead of the deprecated «.conf» files. You can learn a lot about the basics just by reading this article on Digital Ocean.

Fast Procedure

  • Copy the whole configuration to the new server (usually from /etc/openldap)
  • Copy all the LDAP data (databases, logs, etc.) to the new server (usually from /var/lib/ldap)
# Once the files are placed on the new server, give the correct permissions to the user
# that is going to run the service:
$> sudo chown -R ldap: /var/lib/ldap
$> sudo chmod g+rw /var/lib/ldap
# Depending on your system, verify which permissions you need in /etc/openldap
# Perform a db recover
$> db_recover -c -v -f -h /var/lib/ldap
# Try to start the server in debug mode and fix any possible error
$> /usr/sbin/slapd -u ldap -h "ldapi:/// ldap:///" -4 -d 2

Fixing errors

Errors while configuring

ldap_read: want=8 error=Resource temporarily unavailable

bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found

Fix

Start OpenLDAP with a higher debugging level:

$> /usr/sbin/slapd -u ldap -h "ldapi:/// ldap:///" -4 -d 3

I saw this line in the output (this is how I knew that I needed to add the «people» schema):

5aaa82a3 bdb_dn2entry("ou=people,c=arg,o=company")
5aaa82a3 => bdb_dn2id("o=company")
5aaa82a3 => bdb_dn2id("ou=people,c=arg,o=company")
5aaa82a3 <= bdb_dn2id:get failed: BDB0073 DB_NOTFOUND: No matching key/data pair found (-30988)
5aaa82a3 => ldap_read: want=8 error=Resource temporarily unavailable

It’s possible you need to add some schemas into your database. In my case, after deleting everything from /var/lib/ldap to have a fresh start, I needed to add this (for example):

ldapadd -x -h localhost -D "dc=admin,o=company" -W -f first_items.ldif

This is the content of first_items.ldif

dn: o=company
o: COMPANY
objectClass: organization
objectClass: top

# lolo, company
dn: c=lolo,o=company
c: lolo
objectClass: country
objectClass: top

# Group, lolo, company
dn: ou=Group,c=lolo,o=company
objectClass: top
objectClass: organizationalUnit
ou: Group

# people, lolo, company
dn: ou=people,c=lolo,o=company
objectClass: top
objectClass: organizationalUnit
ou: people

Errors after running the service

BDB1546 unable to join the environment

This happened because a log filled my / to 100%. After freeing some space, the LDAP service worked fine.
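
The ownership step in the fast procedure and the full-disk cause of BDB1546 can both be checked before slapd is started. The functions below are an added example, not part of the original post; the function names, the 90% usage limit and the check for files reachable by other users are assumptions of this example (directory data typically includes userPassword hashes, so the copied files should stay private to the service account).

```shell
#!/bin/sh
# Post-copy checks for an OpenLDAP data directory (added example).
# Assumed defaults: directory /var/lib/ldap, service user "ldap", 90% limit.
# Usage after sourcing this file: ldap_preflight /var/lib/ldap ldap 90

# Print every path under $1 that is not owned by user $2 (name or numeric uid).
not_owned_by() {
    find "$1" ! -user "$2" -print
}

# Print regular files under $1 that "other" can read or write.
open_to_others() {
    find "$1" -type f \( -perm -004 -o -perm -002 \) -print
}

# Print the usage percentage (digits only) of the filesystem holding $1.
fs_usage_pct() {
    df -P "$1" | awk 'NR == 2 { sub(/%/, "", $5); print $5 }'
}

# Run all checks, print what failed, return 0 only when everything passed.
ldap_preflight() {
    dir=${1:-/var/lib/ldap}; user=${2:-ldap}; limit=${3:-90}; rc=0

    out=$(not_owned_by "$dir" "$user")
    if [ -n "$out" ]; then
        echo "not owned by $user:"; echo "$out"; rc=1
    fi

    out=$(open_to_others "$dir")
    if [ -n "$out" ]; then
        echo "readable or writable by other users:"; echo "$out"; rc=1
    fi

    pct=$(fs_usage_pct "$dir")
    # If df gave nothing usable, treat the filesystem as full.
    case $pct in ''|*[!0-9]*) pct=100 ;; esac
    if [ "$pct" -ge "$limit" ]; then
        echo "filesystem holding $dir is ${pct}% full"; rc=1
    fi
    return "$rc"
}
```

Point the third check at the filesystem that receives the slapd logs as well if they live outside the data directory.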