Hi Quanah,

I figured that was the problem, but after I ran the module load:

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: ppolicy

I received errors.  slapcat -n 0 | grep olcModuleLoad did not indicate that ppolicy was loaded.  However ldapsearch indicated that it was loaded.

I expect that first, I need to remove the ppolicy overlay, but am not sure how to accomplish that.  I would be grateful for any guidance.

John Alexander

On Mon, Jun 8, 2020 at 8:36 AM Quanah Gibson-Mount <quanah@symas.com> wrote:


--On Monday, June 8, 2020 9:16 AM -0700 John Alexander
<jalexander@concentricsky.com> wrote:


>
> 5ede54b5 UNKNOWN attributeDescription "OLCPPOLICYDEFAULT" inserted.
> 5ede54b5 config error processing
> olcOverlay={1}ppolicy,olcDatabase={2}hdb,cn=config:
> slapcat: bad configuration file!
>
>
>
>
> I assume this is because there is no olcModuleLoad attribute in the ldif
> for ppolicy.  Would it be appropriate to remove the
> olcOverlay={1}ppolicy,oldDatabase={2}hdb.ldif file - since by my
> understanding ldapdelete does not work against cn=config

You must moduleload the ppolicy module before you can instantiate ppolicy
against a database backend.

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>


--
John Alexander
Systems Administrator
E: jalexander@concentricsky.com
Concentric Sky, Inc
https://www.concentricsky.com