It's been a while since I touched LDAP, so I'm new to the latest configuration changes. Admittedly, I find it aggravating that I can't simply shutdown the LDAP server and modify the configuration, and start it back up.

Regardless, my intern stuck the wrong paths in for the TLSCerts, ldap will not start up now ... I need to modify cn=config with the correct paths, but I can't figure out how to get slap* to do it. It hates my ldif, and I just want a simple way to change those three paths. I assume that somewhere in the arcane knowledge that is LDAP, there is a simple solution. But my Google FU has failed me, tho it has served up numerous threads that talk around the problem without providing a solution (or the solution provided was simply 'use slapadd' with no direction on how to 'use slapadd').

Here is the latest ldif I've attempted to use (to no avail) with slapadd:
dn: cn=config
objectClass: olcGlobal
cn: config
olcTLSCACertificateFile: /etc/ldap/tls/cacert.pem
olcTLSCertificateFile: /etc/ldap/tls/slapd.d/slapd_cert.pem
olcTLSCertificateKeyFile: /etc/ldap/tls/slapd.d/slapd_key.pem

I assume I just don't know how to write a correct LDIF. But I would appreciate any help in modifying cn=config with the server down.

Rob "Bubba" Hines