Hi Quanah,

I figured that was the problem, but after I ran the module load:

dn: cn=module{0},cn=config

changetype: modify

add: olcModuleLoad

olcModuleLoad: ppolicy

I received errors. slapcat -n 0 | grep olcModuleLoad did not indicate that ppolicy was loaded. However ldapsearch indicated that it was loaded.

I expect that first, I need to remove the ppolicy overlay, but am not sure how to accomplish that. I would be grateful for any guidance.

John Alexander

On Mon, Jun 8, 2020 at 8:36 AM Quanah Gibson-Mount <quanah@symas.com> wrote:

--On Monday, June 8, 2020 9:16 AM -0700 John Alexander
<jalexander@concentricsky.com> wrote:

>
> 5ede54b5 UNKNOWN attributeDescription "OLCPPOLICYDEFAULT" inserted.
> 5ede54b5 config error processing
> olcOverlay={1}ppolicy,olcDatabase={2}hdb,cn=config:
> slapcat: bad configuration file!
>
>
>
>
> I assume this is because there is no olcModuleLoad attribute in the ldif
> for ppolicy. Would it be appropriate to remove the
> olcOverlay={1}ppolicy,oldDatabase={2}hdb.ldif file - since by my
> understanding ldapdelete does not work against cn=config

You must moduleload the ppolicy module before you can instantiate ppolicy
against a database backend.

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

John Alexander

Systems Administrator

E: jalexander@concentricsky.com

Concentric Sky, Inc

https://www.concentricsky.com