Hello,

I am running OpenLDAP (slapd 2.4.49) on Ubuntu with an MDB backend configured for the suffix o=bar,dc=foo.

With a help of slapcat, I have discovered stale data: several objects with the suffix dc=bar,dc=foo are physically present in the same MDB database files. These were likely created by the default Ubuntu installer before the entire configuration was manually replaced. However, /var/lib/ldap remained unnoticed at that time, and then production data were appended to this initial one.

Is there a method to delete these specific dc=bar,dc=foo entries without taking the server offline and rebuilding the entire database from an LDIF export with slapcat+slapadd? ldapsearch seems to be uncapable to deal with this stale data.

Thanks in advance.