If OpenLDAP fails to start on a ClearOS system that uses OpenLDAP, many of the services will not function properly. This guide will help you address problems starting OpenLDAP.
If your system is hanging while attempting to boot, you will need to boot in interactive mode and tell the system not to load OpenLDAP.
Make sure the name of the server matches what is in the hosts file:
hostname
cat /etc/hosts
ifconfig
If your IP to name assignment is wrong, you will have trouble starting LDAP. This is especially true if you recently changed an IP address on your server. Try this first and reboot and see if it works.
Another thing to check is to make sure DNS is working:
cat /etc/resolv.conf
This should list the proper DNS servers used by your system.
First, make sure that your server has NOT run out of space on any drives: Perform the following:
df -h
If any of the drive are at or near 100% capacity you will need to resolve that issue before you can address your failed database.
Before modifying or fixing the LDAP directory, we recommend backing up the LDAP database as they are (todays-date would be in the format of 20150901 for September 1, 2015).
mkdir -p /root/support/todays-date rsync -av /var/lib/ldap* /root/support/todays-date/ rsync -av /etc/init.d/slapd /root/support/todays-date/
If rsync is not installed (not installed on ClearOS 6 by default) install it by running:
yum install rsync
The typical problems that one my encounter is that the LDAP database is not starting because the startup script is failing to start services or that the database has some sort of corruption. To determine what is going on, run the following from command line:
service ldap stop service ldap start
service slapd stop service slapd start
The command line start will give you some indication as to what to do next. If it complains about a specific problem like corruption, you can follow the steps to repair the database. If it says 'OK' then check for an actual running process:
ps aux|grep slapd
It is also possible that the service initialization script is encountering an error. Check to see if the following will start your LDAP service:
/usr/sbin/slapd -h 'ldap://127.0.0.1/ ldaps://127.0.0.1/' -u ldap
If this starts your service then you know that your database is probably OK. Check your system to see if things are working ('service ldap status' for ClearOS 5 and 'service slapd status' for ClearOS 6.)
If this didn't start your system, skip this section and go to the next. If this DID start your system, do only this section.
Your issue, if this happens, is with the initialization script. Stop the ldap service ('service ldap stop' for ClearOS 5 and 'service slapd stop' for ClearOS 6.)
Next, you will need to open a remote ClearCARE support ticket or, if you are handy at bash and vi or nano and would like to troubleshoot this yourself, you can make a temporary change to /etc/init.d/slapd (ClearOS 6) by backing up the file (change todays-date for the date today that you specified previously in this document):
cp /etc/init.d/slapd /root/support/todays-date/
Then change this in /etc/init.d/slapd:
# Start daemons. echo -n $"Starting $prog: " daemon --pidfile=$pidfile --check=$prog $ulimit ${slapd} -h "\"$harg\"" -u ${user} $OPTIONS $SLAPD_OPTIONS
To this:
# Start daemons. echo Using variables: echo ulimit: $ulimit echo slapd: ${slapd} echo hosts: "\"$harg\"" echo user: ${user} echo options: $OPTIONS echo slapd options: $SLAPD_OPTIONS echo -n $"Starting $prog: " daemon --pidfile=$pidfile --check=$prog $ulimit ${slapd} -h "\"$harg\"" -u ${user} $OPTIONS $SLAPD_OPTIONS
This will spit out what is being attempted to the screen.
If the database itself is the problem, we may need to rebuild it. Even if LDAP did not start we must ensure that it is fully stopped:
ClearOS 5.x
service ldap stop
ClearOS 6.x & 7.x
service slapd stop
Next, you will need to ensure that the 'ldap' system user owns the LDAP files on the system. Run the following from command line:
chown -R ldap:ldap /var/lib/ldap
Once you have completed the preparations above, perform the following recovery items on your databases:
/usr/sbin/slapd_db_recover -v -h /var/lib/ldap
You should get an output like this:
Finding last valid log LSN: file: 1 offset 5385749 Recovery starting from [1][5385604] Recovery complete at Tue Dec 4 23:13:25 2012 Maximum transaction ID 8000001b Recovery checkpoint [1][5385749]
/usr/sbin/slapd_db_recover -v -h /var/lib/ldap/accesslog
You should get an output like this:
Finding last valid log LSN: file: 1 offset 4090085 Recovery starting from [1][4089940] Recovery complete at Tue Dec 4 23:13:30 2012 Maximum transaction ID 80000008 Recovery checkpoint [1][4090085]
/usr/bin/db_recover -v -h /var/lib/ldap/
You should get an output like this:
Finding last valid log LSN: file: 1 offset 3465944 Recovery starting from [1][3465799] Recovery complete at Tue Dec 4 21:17:24 2012 Maximum transaction ID 80000090 Recovery checkpoint [1][3465944]
/usr/bin/db_recover -v -h /var/lib/ldap/accesslog/
You should get an output like this:
Finding last valid log LSN: file: 1 offset 2283690 Recovery starting from [1][2283545] Recovery complete at Tue Dec 4 21:17:31 2012 Maximum transaction ID 800000db Recovery checkpoint [1][2283690]
Once the databases are repaired, attempt to start the LDAP service:
ClearOS 5.x
service ldap start
ClearOS 6.x & 7.x
service slapd start
If the services start then we recommend that you restart your server from scratch.
If this still does not work you may need to have assistance from your vendor or ClearCenter support. The technician will likely need remote access to your server to perform additional troubleshooting procedures.
ClearOS Documentation … Knowledgebase … Troubleshooting search?q=clearos%2C%20clearos%20content%2C%20clearos5%2C%20clearos6%2C%20troubleshooting%2C%20help%2C%20support%2C%20openldap%2C%20not%20starting%2C%20won%27t%20start%2C%20doesn%27t%20start%2C%20system%20won%27t%20boot%2C%20hangs%20on%20openldap%2C%20maintainer_dloper&btnI=lucky