How-to: Cleanup LDAP mdb and free used space

How to cleanup your OpenLDAP database (mdb) in order to reduce its disk space

You might have received a Nagios warning that your mdb database is reaching its maxsize limit

SLAPD MDB CRITICAL: More than 90% (in fact 93%) of mdb database is use, please increase ldap/database/mdb/maxsize (and restart ldap server)

Especially with 32-Bit systems there often is no way to raise the limit so reducing the used size is the better option.

free up pre-allocs

It might be sufficient to free up preallocated space in the mdb file by simply coping it as follows

root@ucs:~# mkdir /var/lib/univention-ldap/ldap-new
root@ucs:~# systemctl stop slapd.service
root@ucs:~# mdb_copy -c /var/lib/univention-ldap/ldap/ /var/lib/univention-ldap/ldap-new
root@ucs:~# mv ldap ldap-old; mv ldap-new ldap
root@ucs:~# systemctl start slapd.service

rewrite data

A more efficient way might be to rewrite all data in the mdb database. Depending on the size of your OpenLDAP this will take a while and in the meantime your LDAP is not available.

root@ucs:~# systemctl stop univention-directory-listener slapd.service
root@ucs:~# slapcat >ldap_full.ldif
root@ucs:~# tar -cjvf "ldap_backup_$(date '+%s').tar.bz2" /var/lib/univention-ldap/ldap/data.mdb --remove-files
root@ucs:~# slapadd -l ldap_full.ldif
root@ucs:~# systemctl start slapd.service univention-directory-listener

See also: