
OpenLDAP Fails to Start

If OpenLDAP fails to start on a ClearOS system that uses OpenLDAP, many of the services will not function properly. This guide will help you address problems starting OpenLDAP.

If your system is hanging while attempting to boot, you will need to boot in interactive mode and tell the system not to load OpenLDAP.

Check list

Make sure the name of the server matches what is in the hosts file:

hostname
cat /etc/hosts
ifconfig

If your IP-to-name assignment is wrong, you will have trouble starting LDAP. This is especially true if you recently changed an IP address on your server. Check this first, then reboot and see whether it works.

Another thing to check is to make sure DNS is working:

cat /etc/resolv.conf

This should list the proper DNS servers used by your system.
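
The name-to-address check above can be scripted. This is an added example, not part of the original ClearOS guide: it lists addresses that the hosts file assigns to the server name but that are no longer configured on any interface, which is the situation after an IP change. The function names, the sample hosts content and the use of iproute2's `ip` command are assumptions.

```shell
#!/bin/sh
# Added example: find stale hostname entries in a hosts file.

# Print every address the hosts file ($2) assigns to the name ($1).
hosts_addrs_for() {
    awk -v name="$1" '
        { sub(/#.*/, "") }                      # ignore comments
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(name)) { print $1; break }
        }' "${2:-/etc/hosts}"
}

# Print addresses mapped to the name that are NOT in the list of
# locally configured addresses ($3, space separated).
stale_hosts_entries() {
    for addr in $(hosts_addrs_for "$1" "$2"); do
        case " $3 " in
            *" $addr "*) ;;                     # address is configured here
            *) echo "$addr" ;;
        esac
    done
}

# Addresses currently configured on this machine (assumes iproute2's ip).
local_addrs() {
    ip -o addr show | awk '{ split($4, a, "/"); print a[1] }'
}

# Constructed sample: the hosts file still carries the server's old address.
SAMPLE_HOSTS='127.0.0.1   localhost localhost.localdomain
192.168.1.10 server.example.lan server   # address before the change'

# Usage on a live system:
#   stale_hosts_entries "$(hostname)" /etc/hosts "$(local_addrs | tr '\n' ' ')"
```

Any address it prints is a hosts entry to correct before trying to start LDAP again.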

Preparation

First, make sure that your server has NOT run out of space on any drive. Run the following:

df -h

If any of the drives are at or near 100% capacity, you will need to resolve that issue before you can address your failed database.

Before modifying or fixing the LDAP directory, we recommend backing up the LDAP database files as they are (todays-date should be in the format 20150901 for September 1, 2015).

mkdir -p /root/support/todays-date
rsync -av /var/lib/ldap* /root/support/todays-date/
rsync -av /etc/init.d/slapd /root/support/todays-date/

If rsync is not installed (it is not installed on ClearOS 6 by default), install it by running:

yum install rsync
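
The two preparation steps can be combined so that the backup is only taken once disk space has been checked. This is an added example, not part of the original guide: the function names, the 95% cut-off, the sample `df -P` output and the `chmod 700` on the backup directory are assumptions; the paths and date format are the ones used above.

```shell
#!/bin/sh
# Added example: refuse to back up onto a full disk, then take the dated copy.

# Print mount points at or above $1 percent used; reads `df -P` on stdin.
full_filesystems() {
    awk -v limit="$1" 'NR > 1 {
        use = $5; sub(/%/, "", use)
        if (use + 0 >= limit) {
            mnt = $6
            for (i = 7; i <= NF; i++) mnt = mnt " " $i   # mount points with spaces
            print mnt
        }
    }'
}

# Copy the LDAP database and init script into <root>/<YYYYMMDD>.
backup_ldap() {
    dest="$1/$(date +%Y%m%d)"            # e.g. 20150901
    mkdir -p "$dest" || return 1
    chmod 700 "$dest" || return 1        # the copy holds directory account data
    rsync -av /var/lib/ldap* "$dest/" &&
        rsync -av /etc/init.d/slapd "$dest/"
}

# Run both steps; 95 is an assumed cut-off for "at or near 100%".
preflight() {
    full=$(df -P | full_filesystems 95)
    if [ -n "$full" ]; then
        echo "Resolve disk space first, nearly full:" $full >&2
        return 1
    fi
    backup_ldap /root/support
}

# Constructed sample of `df -P` output, for trying the parser offline.
SAMPLE_DF='Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/sda1 10321208 10321208 0 100% /
/dev/sda2 20642428 1032120 19610308 5% /var
/dev/sdb1 1000 960 40 96% /mnt/backup disk'

# On a live system, as root:  preflight
```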

Basic Troubleshooting

The typical problems one may encounter are that the LDAP database is not starting because the startup script is failing to start services, or that the database has some sort of corruption. To determine what is going on, run the following from the command line:

ClearOS 5.x

service ldap stop
service ldap start

ClearOS 6.x & 7.x

service slapd stop
service slapd start

Choosing What to Troubleshoot

The command line start will give you some indication as to what to do next. If it complains about a specific problem like corruption, you can follow the steps to repair the database. If it says 'OK' then check for an actual running process:

ps aux|grep slapd

Initialization script is not working

It is also possible that the service initialization script is encountering an error. Check to see if the following will start your LDAP service:

/usr/sbin/slapd -h 'ldap://127.0.0.1/ ldaps://127.0.0.1/' -u ldap

If this starts your service then you know that your database is probably OK. Check your system to see if things are working ('service ldap status' for ClearOS 5 and 'service slapd status' for ClearOS 6.)

If this didn't start your system, skip this section and go to the next. If this DID start your system, do only this section.

Your issue, if this happens, is with the initialization script. Stop the ldap service ('service ldap stop' for ClearOS 5 and 'service slapd stop' for ClearOS 6.)

Next, you will need to open a remote ClearCARE support ticket or, if you are handy at bash and vi or nano and would like to troubleshoot this yourself, you can make a temporary change to /etc/init.d/slapd (ClearOS 6). Start by backing up the file (replace todays-date with the date you specified previously in this document):

cp /etc/init.d/slapd /root/support/todays-date/

Then change this in /etc/init.d/slapd:

        # Start daemons.
        echo -n $"Starting $prog: "
        daemon --pidfile=$pidfile --check=$prog $ulimit ${slapd} -h "\"$harg\"" -u ${user} $OPTIONS $SLAPD_OPTIONS

To this:

        # Start daemons.
        echo Using variables:
        echo ulimit: $ulimit
        echo slapd: ${slapd}
        echo hosts: "\"$harg\""
        echo user: ${user}
        echo options: $OPTIONS
        echo slapd options: $SLAPD_OPTIONS
        echo -n $"Starting $prog: "
        daemon --pidfile=$pidfile --check=$prog $ulimit ${slapd} -h "\"$harg\"" -u ${user} $OPTIONS $SLAPD_OPTIONS

This will print to the screen what the script is attempting to run.

Repairing the database

If the database itself is the problem, we may need to rebuild it. Even if LDAP did not start we must ensure that it is fully stopped:

ClearOS 5.x

service ldap stop

ClearOS 6.x & 7.x

service slapd stop

Next, you will need to ensure that the 'ldap' system user owns the LDAP files on the system. Run the following from the command line:

chown -R ldap:ldap /var/lib/ldap

Repairing the LDAP database

Once you have completed the preparations above, perform the following recovery items on your databases:

ClearOS 5.x User Database

/usr/sbin/slapd_db_recover -v -h /var/lib/ldap

You should get an output like this:

Finding last valid log LSN: file: 1 offset 5385749
Recovery starting from [1][5385604]
Recovery complete at Tue Dec  4 23:13:25 2012
Maximum transaction ID 8000001b Recovery checkpoint [1][5385749]

ClearOS 5.x Accesslog database

/usr/sbin/slapd_db_recover -v -h /var/lib/ldap/accesslog

You should get an output like this:

Finding last valid log LSN: file: 1 offset 4090085
Recovery starting from [1][4089940]
Recovery complete at Tue Dec  4 23:13:30 2012
Maximum transaction ID 80000008 Recovery checkpoint [1][4090085]

ClearOS 6.x & 7.x User Database

/usr/bin/db_recover -v -h /var/lib/ldap/

You should get an output like this:

Finding last valid log LSN: file: 1 offset 3465944
Recovery starting from [1][3465799]
Recovery complete at Tue Dec  4 21:17:24 2012
Maximum transaction ID 80000090 Recovery checkpoint [1][3465944]

ClearOS 6.x & 7.x Accesslog database

/usr/bin/db_recover -v -h /var/lib/ldap/accesslog/

You should get an output like this:

Finding last valid log LSN: file: 1 offset 2283690
Recovery starting from [1][2283545]
Recovery complete at Tue Dec  4 21:17:31 2012
Maximum transaction ID 800000db Recovery checkpoint [1][2283690]

Starting LDAP

Once the databases are repaired, attempt to start the LDAP service:

ClearOS 5.x

service ldap start

ClearOS 6.x & 7.x

service slapd start

If the services start, we recommend that you then fully restart your server.

Still not working?

If this still does not work, you may need assistance from your vendor or ClearCenter support. The technician will likely need remote access to your server to perform additional troubleshooting procedures.


content/en_us/kb_troubleshooting_openldap_fails_to_start.txt · Last modified: 2018/03/30 16:22 by cjones