Checking for OpenLDAP unindexed searches

I was checking my openldap logfiles today, and noticed that the “cn” attribute wasn’t indexed. I found this by checking for the “index_param” string in my OpenLDAP logfiles:

$ grep “index_param failed” /var/log/openldap

Dec 25 13:37:19 winnie slapd[730]: [ID 635189 local4.debug] < = bdb_substring_candidates: (cn) index_param failed (18) To fix this problem, I added an "index" statement to my slapd.conf: index cn,mail,sn eq,pres,sub Once the index was added, I rebuilt the indexes with the "slapdindex" utility: $ slapindex -f /usr/local/openldap-common/etc/slapd.conf -b “dc=synackfin,dc=com”

The OpenLDAP documentation has more info in case your interested in learning more:

http://www.openldap.org/doc/admin22/

Leave a Reply

Your email address will not be published. Required fields are marked *