just figure it out whats going on:
a comment line (starting with #) in the middle of a ACL breaks the ACL.



On Tue, May 3, 2022 at 11:52 PM Quanah Gibson-Mount <quanah@fast-mail.org> wrote:


--On Tuesday, May 3, 2022 10:05 AM +0200 Tan Mientras
<tanimientras@gmail.com> wrote:

>
>
> OLD SERVER:ii  ldap-utils                        
>  2.4.23-7.3                   OpenLDAP utilities
> ii  ldapscripts                         1.9.0-2        
>              Add and remove user and groups (stored in a LDAP
> directory)
> ii  libldap-2.4-2                       2.4.23-7.3      
>             OpenLDAP libraries
> ii  libnet-ldap-perl                    1:0.4001-2        
>           client interface to LDAP servers
> ii  libnss-ldap                         264-2.2        
>              NSS module for using LDAP as a naming service
> ii  libpam-ldap                         184-8.5        
>              Pluggable Authentication Module for LDAP
>
> ii  postfix-ldap                        2.7.1-1+squeeze1  
>           LDAP map support for Postfix
>
>
> vs
>
>
> NEW SERVER:
>
> ii  ldap-utils                          
>  2.4.49+dfsg-2ubuntu1.8             amd64        OpenLDAP
> utilities
> ii  ldapscripts                           2.0.8-1ubuntu1  
>                   all          Add and remove users and
> groups (stored in a LDAP directory)
> ii  libldap-2.4-2:amd64                  
> 2.4.49+dfsg-2ubuntu1.8             amd64        OpenLDAP
> libraries
> ii  libldap-common                      
>  2.4.49+dfsg-2ubuntu1.8             all          OpenLDAP
> common files for libraries

None of the above shows what the slapd version is, but I'll assume 2.4.23
to 2.4.49.  Are you using the exact same OpenLDAP slapd.conf with both?

Regards,
Quanah