************************************************************
yum install -y epel-release wget telnet openldap* gcc
cd /etc/openldap/slapd.d/cn=config
mv olcDatabase={2}hdb.ldif olcDatabase={2}mdb.ldif

[root@ip-172-31-22-18 cn=config]# cat olcDatabase={2}mdb.ldif
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 b0e4f2c3
dn: olcDatabase={2}mdb
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {2}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=my-domain,dc=com
olcRootDN: cn=Manager,dc=my-domain,dc=com
olcDbIndex: objectClass eq,pres
olcDbIndex: ou,cn,mail,surname,givenname eq,pres,sub
structuralObjectClass: olcMdbConfig
entryUUID: a60911f8-ad82-103e-9717-5f9aab981680
creatorsName: cn=config
createTimestamp: 20240523190147Z
entryCSN: 20240523190147.402664Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20240523190147Z
************************************************************
systemctl start slapd
systemctl enable slapd
systemctl status slapd
systemctl stop slapd
slappasswd
************************************************************
db.ldif

dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=hadoop,dc=com

dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=ldapadm,dc=hadoop,dc=com

dn: olcDatabase={2}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}dAWI0nM3m7JIJ65FxxXVuXwj/0nw6EL1
************************************************************
ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif
************************************************************
monitor.ldif

dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by dn.base="cn=ldapadm,dc=hadoop,dc=com" read by * none
************************************************************
ldapmodify -Y EXTERNAL -H ldapi:/// -f monitor.ldif
************************************************************
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown ldap:ldap /var/lib/ldap/*
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
************************************************************
base.ldif

dn: dc=hadoop,dc=com
dc: hadoop
objectClass: top
objectClass: domain

dn: cn=ldapadm,dc=hadoop,dc=com
objectClass: organizationalRole
cn: ldapadm
description: LDAP Manager

dn: ou=People,dc=hadoop,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=hadoop,dc=com
objectClass: organizationalUnit
ou: Group
************************************************************
ldapadd -x -W -D "cn=ldapadm,dc=hadoop,dc=com" -f base.ldif
ldapsearch -D cn="ldapadm,dc=hadoop,dc=com" -W -b "dc=hadoop,dc=com" objectClass=*
slapcat
slaptest
************************************************************
***upgrading from openldap to symas openldap 2.4.57: symas openldap

systemctl stop slapd
yum -y erase openldap-clients openldap-servers
wget -q https://repo.symas.com/configs/SOFL/rhel7/sofl.repo -O /etc/yum.repos.d/sofl.repo
yum -y update
yum -y install symas-openldap-clients symas-openldap-servers
systemctl start slapd
************************************************************
***Upgrading from symasopenldap2.4.57 to 2.6.7

1. cd /etc/openldap/slapd.d
2. slapcat -n0 -l slapd24-config.ldif
3. cp slapd24-config.ldif slapd26-config.ldif
4. mkdir -p /opt/symas/etc/openldap/slapd.d
5. [root@ip-172-31-22-18 slapd.d]# slapadd -n 0 -l slapd26-config.ldif -F /opt/symas/etc/openldap/slapd.d
   _#################### 100.00% eta none elapsed none fast!
   Closing DB...
6. systemctl stop slapd
7.
2.6.7 upgrade steps:
   wget -q https://repo.symas.com/configs/SOLDAP/rhel7/release26.repo -O /etc/yum.repos.d/soldap-release26.repo
   yum -y update
   yum -y install symas-openldap-clients symas-openldap-servers
8. systemctl start slapd
************************************************************
ERRORS:

May 23 19:16:35 ip-172-31-22-18 slapd[5686]: @(#) $OpenLDAP: slapd 2.6.7 (Feb 20 2024 21:46:25) $
        mockbuild@b3a03545f9ad461ea955953b9cd64253:/builddir/build/BUILD/openldap-2.6.7/servers/slapd
May 23 19:16:35 ip-172-31-22-18 slapd[5686]: UNKNOWN attributeDescription "OLCDBINDEX" inserted.
May 23 19:16:35 ip-172-31-22-18 slapd[5686]: config error processing olcDatabase={2}mdb,cn=config:
************************************************************
[root@ip-172-31-22-18 sbin]# /opt/symas/sbin/slaptest
UNKNOWN attributeDescription "OLCDBINDEX" inserted.
config error processing olcDatabase={2}mdb,cn=config:
slaptest: bad configuration file!
************************************************************
[root@ip-172-31-22-18 sbin]# /opt/symas/sbin/slapcat
UNKNOWN attributeDescription "OLCDBINDEX" inserted.
config error processing olcDatabase={2}mdb,cn=config:
slapcat: bad configuration file!
************************************************************
[root@ip-172-31-22-18 bin]# /opt/symas/bin/ldapsearch -V
ldapsearch: @(#) $OpenLDAP: ldapsearch 2.6.7 (Feb 20 2024 21:45:56) $
        mockbuild@b3a03545f9ad461ea955953b9cd64253:/builddir/build/BUILD/openldap-2.6.7/clients/tools
        (LDAP library: OpenLDAP 20607)
ldap_sasl_interactive_bind: Can't contact LDAP server (-1)
************************************************************
***PS: I am not using slapd.conf, what should I do in this case?