Re: need to recover slapd password and upgrade openldap
On Fri, 22 Jul 2016, Dan Hyatt wrote:
My admin openLDAP 2.2 password became corrupt in the last week and I
cannot
[...]
I found some instructions which seem simple risky and no backout
strategy.
Simply running
http://techiezone.rottigni.net/2011/12/change-root-dn-password-on-openldap/
That link (apparently from 2011) doesn't apply to your software from 2003.
There's no back-config in OpenLDAP 2.2. So don't try that...
[...]
Having the LDAP on two separate hyper visors (with local disks) to
avoid the
storage/authentication chicken/egg
Is there a better upgrade plan
Are you saying that your one and only LDAP server uses itself for its own
A&A?
[...]
I have the log files, is there a way to backout to last week without
the
admin password (which became corrupt last week).
I'm not sure what you're referring to by "log files." The general-case
OpenLDAP backup tool is slapcat(8). Hopefully you have been running it
routinely. The resulting LDIF can be easily inspected; if you have enough
backups, you might even be able to find one without corruption.