On Fri, Oct 18, 2024 at 10:25:28AM -0700, Quanah Gibson-Mount wrote:
--On Friday, October 18, 2024 3:19 PM +0000 sharbich@t-online.de wrote:
Hello, unfortunately I missed the update version note for the schema ppolicy. After updating and restarting the slapd service, I can no longer delete the schema. I get the following error message:
"root@dsme01:~# slapcat -n0 > config.ldif
olcAttributeTypes: value #0 olcAttributeTypes: Duplicate attributeType: "1.3.6.1.4.1.42.2.27.8.1.1"
config error processing cn={15}ppolicy,cn=schema,cn=config: olcAttributeTypes: Duplicate attributeType: "1.3.6.1.4.1.42.2.27.8.1.1"
slapcat: bad configuration file!"
Back up your slapd.d directory, like:
cp -r /etc/openldap/slapd.d /etc/openldap/slapd.d.recovery
Then cd /etc/openldap/slapd.d/cn=config/cn=schema
ls *.ldif
rm <ppolicy schema file>
Unless that's the last schema in the list, you'll end up with a gap in the entry ordering (so the live and on-disk version will not match up).
You can manage all this with slapmodify. You want to make a backup first, then prepare a dummy slapd.conf like this:
database ldif
suffix cn=schema
directory /etc/openldap/slapd.d/cn=config/
And then run `slapmodify -f <the stub config above>` feeding the following to its standard input (adjust numbering and naming as needed):
# remove the ppolicy schema
dn: cn={x}ppolicy,cn=schema
changetype: delete

# renumber the entries that followed it to fill the gap
dn: cn={x+1}something,cn=schema
changetype: modrdn
newrdn: cn={x}something
deleteoldrdn: 1

dn: cn={x+2}...
changetype: modrdn
newrdn: cn={x+1}...
deleteoldrdn: 1
Regards,