If you have a complete/coherent slapcat output, and you stop slapd, remove your database and perform a slapadd using that output, without modifying your configuration (i.e. slapd.conf), you should end up with identical behavior with identical data...this is regardless of if your slapd instance serves as a KDC, a {KERBEROS} frontend, or anything else.
This assumes there's no bugs in slapadd, of course. In 2.2.13 that may not be a valid assumption, but you're likely to get away with it. I'd think that the biggest precondition is the "complete/coherent slapcat"...take a read through the LDIF first and manually sanity check it.
On Wed, 19 Sep 2007, Ezra Taylor wrote:
Hello all: I'm running Openldap version 2.2.13-7.4E and kerberos on Redhat 4 u4. I know we are in desperate need of an upgrade. I noticed that the database is corrupted and would like to know if I do a restore with slapadd if the Kerberos passwords continue to map with the users in ldap database? If not, what tasks do I have to execute to map the kerberos passwords with the users in the ldap database?
Thanks for all your help.
-- Ezra Taylor