Fix a broken Open Directory


Edit: November 2021

People seem to still be hitting this story, and by and large these steps usually work. If you are still relying on macOS Server however, you need to migrate to another platform with some degree of urgency. This post was originally written six years ago, when Apple were still promoting the use of Server with Open Directory. Server has been pretty much deprecated since then, with Apple pulling out all the useful features (like DHCP, DNS and even robust File Sharing) and reducing it to nothing more than Xsan and Profile Manager. Profile Manager is not a suitable MDM solution for production use, so you really should not be relying on Server for anything at all these days. Synology is a far more suitable platform for file services and directory services (via its built-in file sharing and LDAP server). Synology can also provide many of the other network services that Server previously supplied - DHCP, DNS etc. These network services can likely also be handled via your router/firewall. For a robust and scalable MDM solution, do not use Profile Manager, instead I recommend using something like Mosyle as a good MDM solution. Long story short however, you need to migrate away from macOS Server.

Back to the original article: I don’t know why the databases that OpenLDAP uses are so fragile, and therefore why Open Directory loses its shit nearly every single time you have to force a server to restart, but they are and it does. In the majority of cases it’s pretty straightforward to fix - and again I’ve got no idea why this isn’t part of the startup process for OpenLDAP if something goes wrong… Anyway, if Open Directory won’t load, or isn’t showing you any users, nine times out of ten it’s one or the other of the OpenLDAP databases that is corrupt. Fix them like so:

sudo launchctl unload /System/Library/LaunchDaemons/org.openldap.slapd.plist
sudo /usr/libexec/slapd -Tt
sudo db_recover -cv -h /var/db/openldap/openldap-data/
sudo db_recover -cv -h /var/db/openldap/authdata/
sudo /usr/libexec/slapd -Tt
sudo launchctl load /System/Library/LaunchDaemons/org.openldap.slapd.plist

If this sequence of commands doesn’t fix it, then you will need to restore the LDAP databases from backup, which can generally be done with the following command:

sudo slapconfig -restoredb /private/var/backups/ServerBackup_OpenDirectoryMaster.sparseimage
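The same sequence as a POSIX shell script with the checks I would want before running it unattended (an added example, not code from the original post): it refuses to run db_recover against a path that does not look like a Berkeley DB environment, stops if the slapd config test fails before or after recovery, and verifies afterwards that the local LDAP node actually lists users. Paths are the ones from the post; the dscl verification step, the `--run` flag and the overridable DB_RECOVER/SLAPD_BIN variables are my additions, and the script expects to be run as root (sudo sh od-repair.sh --run).

```shell
#!/bin/sh
# Repair the Open Directory (OpenLDAP) Berkeley DB databases, with guard rails.
set -u

SLAPD_PLIST="${SLAPD_PLIST:-/System/Library/LaunchDaemons/org.openldap.slapd.plist}"
SLAPD_BIN="${SLAPD_BIN:-/usr/libexec/slapd}"
DB_RECOVER="${DB_RECOVER:-db_recover}"   # overridable so the steps can be dry-run
# Space-separated list; paths with spaces are not supported here.
DB_DIRS="${DB_DIRS:-/var/db/openldap/openldap-data /var/db/openldap/authdata}"

# A Berkeley DB environment contains DB_CONFIG, region files (__db.NNN),
# .bdb data files or log.* files. Refuse to "recover" anything else:
# db_recover -h on a mistyped path just creates a fresh, empty environment.
looks_like_bdb_dir() {
    dir=$1
    [ -d "$dir" ] || return 1
    for f in "$dir"/DB_CONFIG "$dir"/__db.001 "$dir"/*.bdb "$dir"/log.*; do
        [ -e "$f" ] && return 0
    done
    return 1
}

# Catastrophic (-c), verbose (-v) recovery of one environment directory.
# Returns 2 if the directory is not a BDB environment, else db_recover's status.
recover_dir() {
    dir=$1
    looks_like_bdb_dir "$dir" || { echo "skip: $dir is not a BDB environment" >&2; return 2; }
    "$DB_RECOVER" -cv -h "$dir"
}

# The full sequence from the post. slapd -Tt is slaptest: if the config is
# broken we stop rather than loading a daemon that will fail to start.
repair_open_directory() {
    launchctl unload "$SLAPD_PLIST" || return 1
    "$SLAPD_BIN" -Tt || { echo "slapd config test failed before recovery" >&2; return 1; }
    for d in $DB_DIRS; do
        recover_dir "$d" || return 1
    done
    "$SLAPD_BIN" -Tt || { echo "slapd config test failed after recovery" >&2; return 1; }
    launchctl load "$SLAPD_PLIST" || return 1
    sleep 2   # give slapd a moment to bind before querying it
    # Verification: the local LDAP node must answer and return at least one user.
    dscl /LDAPv3/127.0.0.1 -list /Users | grep -q . || {
        echo "slapd loaded but no users returned; restore the databases from backup" >&2
        return 1; }
}

case "${1:-}" in --run) repair_open_directory ;; esac
```

If the script ends with the "no users returned" message, fall back to the slapconfig -restoredb command above.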

Edit: September 2018 - I’ve rolled these steps into an AppleScript app that you can download and run to perform the db_recover repair automatically.
