Fix a broken Open Directory

Ah MacOS server… I love thee, but you drive me nuts sometimes!

The OpenLDAP databases are as robust as toilet paper – using the term ‘fragile’ just doesn’t say enough.

Almost every time you need to force MacOS / OS X server to restart, Open Directory loses its shit and refuses to start again. This will result in missing Users and Groups – don’t worry, they are still there, just hidden away and the users are unable to access anything. Oh wait…yes, worry!

Luckily, it’s quite straightforward to fix with the following terminal commands:

sudo launchctl unload /System/Library/LaunchDaemons/org.openldap.slapd.plist
sudo /usr/libexec/slapd -Tt
sudo db_recover -cv -h /var/db/openldap/openldap-data/
sudo db_recover -cv -h /var/db/openldap/authdata/
sudo /usr/libexec/slapd -Tt
sudo launchctl load /System/Library/LaunchDaemons/org.openldap.slapd.plist

If this sequence of commands doesn’t fix it, then you will need to restore the LDAP databases from the system backup with the following command:

sudo slapconfig -restoredb /private/var/backups/ServerBackup_OpenDirectoryMaster.sparseimage
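The six-command repair sequence above, wrapped as a script that first archives both database directories while slapd is stopped, because db_recover -c modifies the database files in place. This is an added example, not part of the original post; SNAP_ROOT, the function names and the file name od-repair.sh are assumptions, and the script is run as root instead of prefixing each command with sudo.

```shell
#!/bin/sh
# Added example: the page's repair sequence with a pre-recovery snapshot.
# The plist, slapd and database paths are the page's; SNAP_ROOT is assumed.
PLIST=/System/Library/LaunchDaemons/org.openldap.slapd.plist
DB_DIRS="/var/db/openldap/openldap-data /var/db/openldap/authdata"
SNAP_ROOT=${SNAP_ROOT:-/var/backups/od-pre-recover}   # assumption

# snapshot_dirs DEST DIR...: tar each DIR into DEST; fail if any DIR is missing.
# Runs in a subshell so the restrictive umask does not leak to the caller.
snapshot_dirs() (
    umask 077                       # archives contain directory and auth data
    dest=$1; shift
    mkdir -p "$dest" || exit 1
    for d in "$@"; do
        [ -d "$d" ] || { echo "missing: $d" >&2; exit 1; }
        b=$(basename "$d")
        tar -cf "$dest/$b.tar" -C "$(dirname "$d")" "$b" || exit 1
    done
)

repair_open_directory() {
    snap="$SNAP_ROOT/$(date +%Y%m%d-%H%M%S)"
    launchctl unload "$PLIST"
    # Copy the databases while slapd is stopped, before recovery touches them.
    snapshot_dirs "$snap" $DB_DIRS || return 1
    /usr/libexec/slapd -Tt || echo "slapd -Tt reports errors; running recovery" >&2
    for d in $DB_DIRS; do
        db_recover -cv -h "$d" || return 1
    done
    # Only reload slapd if the post-recovery check passes.
    /usr/libexec/slapd -Tt || { echo "still failing; snapshot kept in $snap" >&2; return 1; }
    launchctl load "$PLIST"
}

# Runs only when asked to: sh od-repair.sh --run
if [ "${1:-}" = "--run" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }
    repair_open_directory
fi
```

If the second slapd -Tt still fails, the snapshot directory holds the pre-recovery state of both databases, so nothing is lost before moving on to the slapconfig -restoredb step.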
