And, when it's time to ditch the old 'DN' all together, search/replace all instances of the old DN with the new DN on a slapcat output, wipe your DB, and slapadd the new version.
- chris
Chris Jacobs, Systems Administrator Apollo Group | Apollo Marketing | Aptimus 2001 6th Ave Ste 3200 | Seattle, WA 98121 phone: 206.441.9100 x1245 | mobile: 206.601.3256 | fax: 206.441.9661 email: chris.jacobs@apollogrp.edu
----- Original Message ----- From: openldap-technical-bounces@OpenLDAP.org openldap-technical-bounces@OpenLDAP.org To: Troy Telford ttelford.groups@gmail.com Cc: openldap-technical@openldap.org openldap-technical@openldap.org Sent: Sat Jul 17 07:41:42 2010 Subject: Re: Changing the DN of an OpenLDAP server
I've recently needed to change my domain name.
My OpenLDAP server is currently set to use "dc=master,dc=some,dc=com"
And I need to change it to "dc=master,dc=other,dc=com"
Obviously, the clients will need to be updated as well, but I need to start with the server.
I haven't been too successful in finding how to do this; I suspect I'm just using the wrong search terms. Where can I find the documentation that explains how to do this?
Not sure what you mean by "changing the DN"; do you already have a configured database with the old suffix, and you want to change it to something else? If the database is empty, you only need to change it (if you use slapd.conf edit it and change the "suffix" statement and any related statement, e.g. rootdn and ACLs; if you use back-config modify the olcSuffix and related statements using e.g. ldapmodify).
If it contains data, you'll need to export data with slapcat, then edit the resulting LDIF to reflect the change, then reconfigure slapd like in the above case, and finally reload the modified data.
A "safe" interim approach would be to leave the database with the old suffix in place, and use an instance of back-relay to produce a virtual view of the old database with the new suffix, so that old and new applications can coexist with consistent data.
p.
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.