--On Thursday, March 10, 2022 6:06 PM +0000 Aaron Bennett abennett@clarku.edu wrote:
Hi,
I'm moving from a two-node CentOS 7 cluster running essentially the RedHat openldap-servers build (which I rebuild to use OpenSSL, but otherwise, left alone).
The 2.4 cn=config is not necessarily compatible with 2.5. You should dump your current 2.4 config with slapcat -n 0 and then update it accordingly for use with 2.5. Symas has excellent 2.5 and 2.6 packages available at https://repo.symas.com/soldap/ along with upgrade instructions: https://repo.symas.com/soldap/upgrading/
In your specific case, it appears that you've left the ppolicy schema in place in the cn=config db, where it was moved to be internal to the ppolicy overlay module in 2.5 and later.
Regards, Quanah