Indexing Samba Attributes for OpenLDAP

Some time ago we set up an OpenLDAP server and managed to index the attributes that needed indexing. Not so long ago we have set up a Samba server as well and since then new attributes require indexing.
(Ez a cikk magyarul is olvasható.)
All iuntrenet resources come up with different attrbutes to index so I have choosen the empirical approach. Check the syslog and fliter the lines containing concerns of our most beloved slapd:

cat /var/log/syslog |grep equality|cut -d' ' -f8|sort|uniq|cut -d'(' -f2| cut -d')' -f1

The check the attributes we have been already indexing:

sudo ldapsearch -Y EXTERNAL -b olcDatabase={1}hdb,cn=config|grep olcDbIndex

We need all members of both lists in the file index_samba_ldap.ldiff :

dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcDbIndex
olcDbIndex: uid,uidNumber,gidNumber,memberUid,uniqueMember,objectClass,displayName,cn eq
olcDbIndex: sambaDomainName,sambaGroupType,sambaSID,sambaSIDList eq

We make the change happen:

sudo ldapmodify -Y EXTERNAL -f index_samba_ldap.ldiff

All we have to do to have the stuff already in palce indexed. First we stop our server then do the indexing being user openldap then we restart the server:

sudo service slapd stop
sudo su - openldap -c slapindex
sudo service slapd start

Every now and then we will take a look at the syslog and add any new attribute that needs indexing.