On Fri, 22 Jul 2016, Dan Hyatt wrote:
My admin openLDAP 2.2 password became corrupt in the last week and I cannot
[...]
I found some instructions which seem simple risky and no backout strategy. Simply running http://techiezone.rottigni.net/2011/12/change-root-dn-password-on-openldap/
That link (apparently from 2011) doesn't apply to your software from 2003. There's no back-config in OpenLDAP 2.2. So don't try that...
[...]
Having the LDAP on two separate hyper visors (with local disks) to avoid the storage/authentication chicken/egg Is there a better upgrade plan
Are you saying that your one and only LDAP server uses itself for its own A&A?
[...]
I have the log files, is there a way to backout to last week without the admin password (which became corrupt last week).
I'm not sure what you're referring to by "log files." The general-case OpenLDAP backup tool is slapcat(8). Hopefully you have been running it routinely. The resulting LDIF can be easily inspected; if you have enough backups, you might even be able to find one without corruption.