The LDAP service does not start on a server, causing multiple issues.
Step 1 Identify the reason
An attempt to start the service manually through
systemctl restart slapd
does not succeed, and
journalctl -xe
shows the following lines:
Mär 10 15:32:46 ucs slapd: @(#) $OpenLDAP: slapd (Nov 26 2019 12:59:58) $ Debian OpenLDAP Maintainers <firstname.lastname@example.org>
Mär 10 15:32:46 ucs slapd: Loaded metadata from "/usr/share/univention-management-console/saml/idp/ucs-sso.multi.ucs.xml
Mär 10 15:32:46 ucs1-backup3 slapd: /etc/ldap/slapd.conf: line 354: unknown style "16.100.96" in by clause
Mär 10 15:32:46 ucs1-backup3 slapd: <access clause> ::= access to <what> [ by <who> [ <access> ] [ <control> ] ]+
The last two lines indicate a syntax error in the configuration file of the service.
Step 2 Rewrite the configuration file
If the file has been modified manually, rewriting it from its template through
ucr commit /etc/ldap/slapd.conf
should fix it.
Step 3 Check the configuration file manually
Look for the mentioned line from step 1 and compare to a valid one in the same file:
by peername.ip=ldap/acl/read/ips: 172.16.100.96 read
by peername.ip=172.16.100.53 read
Note the additional string "ldap/acl/read/ips: " in the first clause above, which causes the service to fail.
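One way to automate the manual comparison from this step, as an added example that is not part of the original article or of UCS: the script below flags every "by peername.ip=" clause whose value is not an IPv4 address. The function names and the sample configuration are constructed for illustration, and only the IPv4 peername.ip style (<ip>[%<mask>][{<port>}], as documented in slapd.access(5)) is checked.

```python
import ipaddress
import re
import sys

# Constructed sample, modelled on the two "by" clauses shown above.
SAMPLE_CONF = """\
access to attrs=uid
    by peername.ip=ldap/acl/read/ips: 172.16.100.96 read
    by peername.ip=172.16.100.53 read
    by peername.ip=172.16.100.0%255.255.255.0 read
    by * none
"""

# The value of a peername.ip clause runs up to the next whitespace.
PEERNAME_RE = re.compile(r"\bby\s+peername\.ip=(\S*)")
# <ip>[%<mask>][{<port>}]
VALUE_RE = re.compile(r"^(?P<ip>[^%{]+)(?:%(?P<mask>[^{]+))?(?:\{\d+\})?$")


def check_value(value):
    """Return None if value is a valid peername.ip argument, else a reason."""
    m = VALUE_RE.match(value)
    if not m:
        return "%r is not of the form <ip>[%%<mask>][{<port>}]" % value
    for part in ("ip", "mask"):
        text = m.group(part)
        if text is None:
            continue
        try:
            ipaddress.IPv4Address(text)
        except ValueError:
            return "%s %r is not an IPv4 address" % (part, text)
    return None


def find_bad_peername_clauses(conf_text):
    """Return (line number, reason, line) for each malformed clause."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # skip comment lines
        for m in PEERNAME_RE.finditer(line):
            reason = check_value(m.group(1))
            if reason:
                findings.append((lineno, reason, line.strip()))
    return findings


if __name__ == "__main__":
    # Pass a path such as /etc/ldap/slapd.conf, or run without arguments for the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONF
    for lineno, reason, line in find_bad_peername_clauses(text):
        print("line %d: %s\n    %s" % (lineno, reason, line))
```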
Step 4 Fix the UCR variable
Check the variable:
ucr get ldap/acl/read/ips
ldap/acl/read/ips: ldap/acl/read/ips: 172.16.100.96,172.16.100.53,,172.16.100.212
The value contains the variable's own name, where it should contain only IP ranges. Set the variable again without it:
ucr set ldap/acl/read/ips="172.16.100.96,172.16.100.53,,172.16.100.212"
Step 5 Start the service
Restart the service:
systemctl restart slapd