Tips for OpenLDAP
Reset cn=config admin password
If lost you can reset the cn=admin password like this
You find the password in the attribute olcRootPW in /etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif base64 encoded.
To change the password use ldapmodify as root. Save this as an LDIF file rootpw_cnconfig.ldif:
dn: olcDatabase={0}config,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: foobar123
Obviously set your password to something other than foobar123. Then run ldapmodify:
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f rootpw_cnconfig.ldif
This presumes that the LDAP server and the cn=config database can be accessed using the ldapi protocol (-H ldapi:///) and that external SASL authentication (-Y EXTERNAL) is enabled and working, which it should by default on new OpenLDAP setups in Debian and Ubuntu. If you look at /etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif it should contain an attribute olcAccess