1

Topic: How to change Openldap database directory

Hello Team,

We are using iRedMail 0.6.0 with Openldap backend and iRedAdmin 1.2.0. As a part of disaster recovery strategy, we want to change the openldap database location.

1) We want to change the daabase directory of Openldap from /var/lib/ldap to /var/vmail/ldap. Could someone please let me know the settings I need to make to achieve this?

2) I tried to creae /var/lib/ldap as a linked folder (actual database located under /var/vmail/ldap). Permissions to the files and folders under this were set exactly the same. when I start ldap service, i get the following error:
backend_startup_one: bi_db_open failed! (-1)
slap_startup failed (test would succeed using the -u switch)    [FAILED]
stale lock files may be present in /var/lib/ldap/dbname  [WARNING]
If I remove the linked folder and copy the contents to /var/lib/ldap, everything works perfectly fine. Is linked folder not going to work for ldap? or am I missing something here? (Please note that the folder /var/vmail folder is a separate LUN in the SAN).

I would like to achieve any one of the scinario mentioned above. I tried to get some help from Openldap forum and tech support, but did not get any reply back. Any help on this would be highly appreciated.

2

Re: How to change Openldap database directory

Change 'directory' parameter in slapd.conf. Don't forget to set correct permission on new database directory.

3

Re: How to change Openldap database directory

Thanks Zhang for the reply.
In fact, that is the first thing I did, I get the following error when I start ldap service.

Checking configuration files for slapd: bdb_db_open: Cannot access database directory /var/vamail/ldap/mydomain.com (13)
Backend_startup_one: bi_db_open failed! (-1)
Slap_startup failed (test would succeed using the –u switch) [FAILED]
Stale lock files may be present in /var/vmail/ldap/mydomain.com [WARNING]

Permission looks exactly the same. Any idea why this error?

4

Re: How to change Openldap database directory

Can you try to set 'loglevel 256' in slapd.conf and then restart openldap? it will give your more details.

If it doesn't work, please make sure openldap is stopped, remove '*.lock' files under your ldap database directory, and then restart openldap.

post related log in /var/log/openldap.log here.

5

Re: How to change Openldap database directory

Increased the logging as you sugested, but it did not log anything in openldap.log file. Tried to set the logging level and 128 and -1 as well, still nothing logged in the log file.
Also there is no .lock file under ldap or database directory. There was a file by name "alock". Tried to remove this file, but did not make any difference.
If I remove the database from ldap folder, service starts fine.

Any other idea?

6

Re: How to change Openldap database directory

Can you list all files in you directory and paste here?

7

Re: How to change Openldap database directory

Here is the list of files under the database directory.
total 444044
-rwx------ 1 ldap ldap      8192 Apr 21 03:40 accessPolicy.bdb
-rwx------ 1 ldap ldap      8192 May 15 23:41 accountStatus.bdb
-rw-r--r-- 1 ldap ldap      4096 Jun 25 23:57 alock
-rwx------ 1 ldap ldap     20480 May 15 23:41 cn.bdb
-rwx------ 1 ldap ldap     24576 Apr 19 20:26 __db.001
-rwx------ 1 ldap ldap 104857600 Apr 19 20:26 __db.002
-rwx------ 1 ldap ldap 335552512 Apr 19 20:26 __db.003
-rwx------ 1 ldap ldap   2359296 Apr 19 20:26 __db.004
-rwx------ 1 ldap ldap    557056 Apr 19 20:26 __db.005
-rwx------ 1 ldap ldap     24576 Apr 19 20:26 __db.006
-rwx------ 1 ldap ldap       921 Apr 19 20:26 DB_CONFIG
-rwx------ 1 ldap ldap     28672 May 15 23:41 dn2id.bdb
-rwx------ 1 ldap ldap      8192 May 15 23:41 domainAdmin.bdb
-rwx------ 1 ldap ldap      8192 Apr 19 20:30 domainBackupMX.bdb
-rwx------ 1 ldap ldap      8192 May 15 23:41 domainGlobalAdmin.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:41 domainName.bdb
-rwx------ 1 ldap ldap     24576 May  4 20:56 enabledService.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:41 givenName.bdb
-rwx------ 1 ldap ldap      8192 Apr 21 03:40 hasMember.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:56 homeDirectory.bdb
-rwx------ 1 ldap ldap     98304 May 15 23:41 id2entry.bdb
-rwx------ 1 ldap ldap  10485760 Jun 25 23:57 log.0000000001
-rwx------ 1 ldap ldap     28672 May 15 23:41 mail.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:56 mailMessageStore.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:41 memberOfGroup.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:56 mtaTransport.bdb
-rwx------ 1 ldap ldap     16384 May 15 23:41 objectClass.bdb
-rwx------ 1 ldap ldap      8192 May  4 20:41 ou.bdb
-rwx------ 1 ldap ldap      8192 Apr 19 20:30 shadowAddress.bdb
-rwx------ 1 ldap ldap     16384 May  4 20:56 sn.bdb
-rwx------ 1 ldap ldap     16384 May  4 20:56 uid.bdb

8

Re: How to change Openldap database directory

ZhangHuangbin wrote:

Change 'directory' parameter in slapd.conf. Don't forget to set correct permission on new database directory.

This method works for me on CENTOS 5.5, i386. Did you have correct permission on new database directory.