--On Tuesday, October 03, 2006 8:49 PM -0400 Robert Petkus rpetkus@bnl.gov wrote:
slapcat ldifs (slapcat -n 2 -l ldap.ldif) are polluted with accesslog entries that *replace* the original entries. For example, my account dn won't include, say, sshPublicKey, but I'd see a reqMod entry with this attribute.
First, I'd make life simpler by listing the monitoring database last.
Second, your slapcat by definition dumps the accesslog database, not your main database, since your databases are:
1: monitor 2: cn=changelog 3: dc=bnl,dc=gov
Or at least, that's my guess, and it seems to go with what you note. Or, you could change your slapcat to use "-b dc=bnl,dc=gov" which would be more explicit. That is, of course, assuming that you want to dump your main DB and not the accesslog DB. ;)
--Quanah
-- Quanah Gibson-Mount Principal Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html