I was checking my openldap logfiles today, and noticed that the “cn” attribute wasn’t indexed. I found this by checking for the “index_param” string in my OpenLDAP logfiles:
$ grep "index_param failed" /var/log/openldap
Dec 25 13:37:19 winnie slapd[730]: [ID 635189 local4.debug] < = bdb_substring_candidates: (cn) index_param failed (18)
To fix this problem, I added an “index” statement to my slapd.conf:
index cn,mail,sn eq,pres,sub
Once the index was added, I rebuilt the indexes with the “slapdindex” utility:
$ slapindex -f /usr/local/openldap-common/etc/slapd.conf -b "dc=synackfin,dc=com"
The OpenLDAP documentation has more info in case your interested in learning more:
http://www.openldap.org/doc/admin22/