On Wed, May 08, 2019 at 01:31:48PM +0000, ondra@mistotebe.net wrote:
On Mon, Jan 22, 2018 at 11:57:38PM +0000, ondra@mistotebe.net wrote:
On Mon, Jan 22, 2018 at 09:59:21PM +0000, quanah@openldap.org wrote:
After doing conversion, the resulting cn=config database has *two* ldap backends defined:
dn: olcDatabase={-1}frontend,cn=config dn: olcOverlay={0}chain,olcDatabase={-1}frontend,cn=config dn: olcDatabase={0}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=conf
This is the catchall database used to handle referrals that are not handled by any other database you configure by hand. It collects all the chain-* settings that appear before the first chain-uri.
dn: olcDatabase={1}ldap,olcOverlay={0}chain,olcDatabase={-1}frontend,cn=conf
The first instance ({0}ldap,...) isn't even valid. If you remove the entire chain configuration from this database, and then attempt to import it, you get the following:
Yeah that is a problem.
Turns out the problem is different yet. When the overlay is started up after adding its entry, it generates a default backend internally. On adding the above backend it now thinks it has a default one already (even though there is no entry for it yet) and rejects it.
There is now a patch here that exploits the above to know if the common backend has been added from slapd.conf/explicitly or implicitly like in the original report.
https://github.com/mistotebe/openldap/tree/its8799