Comment 1 for bug 538516

I found that running "slaptest -F /etc/ldap/slapd.d" generated that same error message.

To investigate further, I used the command line
    slaptest -F /etc/ldap/slapd.d -d 1 2>&1 | grep "\.ldif"
to track down the full path of the file that contained the offending line, which turned out to be
   /etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif

I am attaching a copy of that file, as it was created by the slapd.postinst script.

Eventually I was able to track the error down to the following line from that file:
  olcAccess: to * by dn.exact=cn=localroot,cn=config manage by * break

When I edited that line to read:
  olcAccess: {1}to * by dn.exact=cn=localroot,cn=config manage by * break
and then re-ran the "slaptest" command, the error went away.

I then tried running "dpkg --pending --configure" again... but the postinst script errored out because /var/backups/*-2.4.9-0ubuntu0.8.04.2.ldapdb already existed.

I moved the old backup file out of the way and tried again... only to get the "Starting OpenLDAP: slapd - failed." message again. It turned out that the postinst script had re-converted the slapd.conf file and then re-added the oldAccess line back to the config file, and so slapd was still erroring out.

So I went ahead and edited the grep and sed lines in /var/lib/dpkg/info/slapd.postinst (inside the "if previous_version_older 2.4.11-0ubuntu1" block) so that the text of the line added there used there included the "{1}".

Then I moved the backup file out of the way and reran "dpkg --pending --configure"... and this time slapd started up successfully, and the slapd package was left in the "installed" state.