I found that running "slaptest -F /etc/ldap/slapd.d" generated that same error message.
To investigate further, I used the command line
slaptest -F /etc/ldap/slapd.d -d 1 2>&1 | grep "\.ldif"
to track down the full path of the file that contained the offending line, which turned out to be
/etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif
I am attaching a copy of that file, as it was created by the slapd.postinst script.
Eventually I was able to track the error down to the following line from that file:
olcAccess: to * by dn.exact=cn=localroot,cn=config manage by * break
When I edited that line to read:
olcAccess: {1}to * by dn.exact=cn=localroot,cn=config manage by * break
and then re-ran the "slaptest" command, the error went away.
I then tried running "dpkg --pending --configure" again... but the postinst script errored out because /var/backups/*-2.4.9-0ubuntu0.8.04.2.ldapdb already existed.
I moved the old backup file out of the way and tried again... only to get the "Starting OpenLDAP: slapd - failed." message again. It turned out that the postinst script had re-converted the slapd.conf file and then re-added the oldAccess line back to the config file, and so slapd was still erroring out.
So I went ahead and edited the grep and sed lines in /var/lib/dpkg/info/slapd.postinst (inside the "if previous_version_older 2.4.11-0ubuntu1" block) so that the text of the line added there used there included the "{1}".
Then I moved the backup file out of the way and reran "dpkg --pending --configure"... and this time slapd started up successfully, and the slapd package was left in the "installed" state.
I found that running "slaptest -F /etc/ldap/slapd.d" generated that same error message.
To investigate further, I used the command line ldap/slapd. d/cn=config/ olcDatabase= {0}config. ldif
slaptest -F /etc/ldap/slapd.d -d 1 2>&1 | grep "\.ldif"
to track down the full path of the file that contained the offending line, which turned out to be
/etc/
I am attaching a copy of that file, as it was created by the slapd.postinst script.
Eventually I was able to track the error down to the following line from that file: cn=localroot, cn=config manage by * break
olcAccess: to * by dn.exact=
When I edited that line to read: cn=localroot, cn=config manage by * break
olcAccess: {1}to * by dn.exact=
and then re-ran the "slaptest" command, the error went away.
I then tried running "dpkg --pending --configure" again... but the postinst script errored out because /var/backups/ *-2.4.9- 0ubuntu0. 8.04.2. ldapdb already existed.
I moved the old backup file out of the way and tried again... only to get the "Starting OpenLDAP: slapd - failed." message again. It turned out that the postinst script had re-converted the slapd.conf file and then re-added the oldAccess line back to the config file, and so slapd was still erroring out.
So I went ahead and edited the grep and sed lines in /var/lib/ dpkg/info/ slapd.postinst (inside the "if previous_ version_ older 2.4.11-0ubuntu1" block) so that the text of the line added there used there included the "{1}".
Then I moved the backup file out of the way and reran "dpkg --pending --configure"... and this time slapd started up successfully, and the slapd package was left in the "installed" state.