Univention Bugzilla – Bug 47464
mdb_equality_candidates: (memberOf) not indexed
Last modified: 2021-03-12 19:52:27 CET
A customer reported the following syslog message:
Aug 3 13:55:23 server slapd: <= mdb_equality_candidates: (memberOf) not indexed
The reason might be the change of the default slapd debug level: Bug #47196.
I have noticed these log entries on a system with ldap/debug/level=0.
The critical part is that we have a KB article (https://help.univention.com/t/problem-log-entries-mdb-equality-candidates-o-not-indexed/10259) with a solution for other attributes.
It appears as if this does not apply to memberOf.
root@dcm:~# /usr/share/univention-ldap/ldap_setup_index --add-eq memberOf
CRITICAL:__main__:Error in OpenLDAP configuration:
/etc/ldap/slapd.conf: line 143: index attribute "memberOf" undefined
slaptest: bad configuration file!
To fix this problem, memberOf has to be removed from the UCRV ldap/index/eq
The problem arises from the order of configuration statements in the slapd.conf file.
Currently the index definitions come before the loading of the memberof module,
so we simply have to change that, so OpenLDAP knows the attribute when the indices are specified.
I guess we just need to rename management/univention-ldap-overlay-memberof/conffiles/etc/ldap/slapd.conf.d/41univention-ldap-overlay-memberof to 39univention-ldap-overlay-memberof , to make indexing possible.
Regarding the warning message that is topic of this bug please note the general advice by Michael Ströder: