Recovering A Corrupt LDAP Database On OS X Server

A couple of times recently I have been asked to recover Open Directory running on Mac OS X Server. Each time the server was an Open Directory Master and its LDAP database had become corrupted, causing authentication issues for their clients and services. No replicas or backups were available (remember to always back up).

For each server I was able to repair the LDAP database using built-in tools that Apple supply.

If you find yourself in this situation, here is how to recover the database.

Apple supply a command line tool named `db_recover` which we can use to repair the LDAP database.

The database itself can be found in the /var/db/openldap folder. Even though it is corrupted, it's always best to make a copy of it before attempting the repair.

To perform the repair, run the `db_recover` tool:

```
sudo db_recover -h /var/db/openldap/openldap-data/
```

After a few seconds the tool should have finished. Reboot the server and see if it has worked. In the past I have had to run this tool a few times in order for the database to be fully recovered.
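The copy-then-repair steps above combined into one script, as an added example that is not part of the original post. The paths and the `db_recover` invocation are the article's; the function names and the `/var/backups` destination are assumptions.

```sh
#!/bin/sh
# Added example: copy the LDAP database aside, verify the copy, then repair.
# LDAP_DIR and DATA_DIR are the article's paths; everything else is assumed.

LDAP_DIR="/var/db/openldap"
DATA_DIR="$LDAP_DIR/openldap-data"

# Copy directory $1 into a new timestamped directory under $2 and print the
# path of the copy. Fails if the source is missing, the destination already
# exists, or the copy does not match the source.
backup_dir() {
    src=$1
    dest_parent=$2
    if [ ! -d "$src" ]; then
        echo "source not found: $src" >&2
        return 1
    fi
    dest="$dest_parent/$(basename "$src")-$(date +%Y%m%d-%H%M%S)"
    if [ -e "$dest" ]; then
        echo "backup already exists: $dest" >&2
        return 1
    fi
    mkdir -p "$dest_parent" || return 1
    cp -Rp "$src" "$dest" || return 1          # -p keeps owner, mode, times
    # A difference here means files changed while they were being copied.
    if ! diff -r "$src" "$dest" >/dev/null; then
        echo "copy does not match source: $dest" >&2
        return 1
    fi
    echo "$dest"
}

# Back up first; db_recover only runs if the verified copy exists.
# $1 is the backup parent directory (assumed default: /var/backups).
recover_ldap() {
    backup=$(backup_dir "$LDAP_DIR" "${1:-/var/backups}") || return 1
    echo "backup written to $backup"
    db_recover -h "$DATA_DIR"
}

# Only act when called explicitly, as root: sh ldap-recover.sh --run [dir]
if [ "${1:-}" = "--run" ]; then
    recover_ldap "${2:-}"
fi
```

If the repair makes things worse, the timestamped copy can be moved back into place before trying again.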

Posted by: Richard Mallion on Thursday, January 5th, 2012

Addendum: the location of the folder is /var/db/openldap. It's also possible to restore this from a backup.