Re: index data loss issue

["John Madden" <jmadden@ivytech.edu>]

More info and findings on this issue...

>> While the LDAP directory is running, we've added an index on
>> "mailacceptinggeneralid," Postfix's default email alias attribute,
>> which appears to work ok after 'slapindex'ing it.  However, after a
>> restart of slapd, data is no longer returned when filtering on this
>> attribute.  Quite a serious issue.
>
> Try this: stop openldap, regenerate indices, start openldap. This
> should take no more than 3 minutes max (depending on the number of
> entries and indices you have). My guess is openldap is confused because
> you added an index to it while it was running.

After an LDIF extract of the directory to import it into another LDAP
server (thinking "installation's hosed, start over"), I found that I
couldn't import the data cleanly.  slapadd was exiting with "invalid value
for syntax" errors.

It turns out that there are a lot of attributes in the directory with
either no value or a value of " ", neither of which are apparently allowed
for syntax 1.3.6.1.4.1.1466.115.121.1.15.  Interestingly, slapd allows the
attributes to be added this way, but slapadd won't.  If I'm reading the
RFC correctly though, a space should certainly be a valid character.

Once these "bad" attributes were removed from the directory, indexing
worked/works fine.  Very odd...

John






-- 
John Madden
UNIX Systems Engineer
Ivy Tech State College
jmadden@ivytech.edu