--On Friday, November 20, 2015 12:27 AM -0500 Betsy Schwartz betsy.schwartz@gmail.com wrote:
I inherited a pair of (interestingly configured) ldap servers from a previous owner and I'm trying to get them to replicate to each other (actually, starting with two new VM copies, with the goal of ending up with four masters spread over two data centers). The VMs are running RHEL6 and openldap 2.4.40.
When I try to add replication using the ldif included at the bottom of this post, I get this error and then cannot restart slapd --

[root@ldap01 tmp]# ldapmodify -Y EXTERNAL -H ldapi:/// -f /tmp/repl.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "cn=config"

adding new entry "olcOverlay=syncprov,olcDatabase={2}bdb,cn=config"

modifying entry "olcDatabase={2}bdb,cn=config"
ldap_modify: Object class violation (65)
        additional info: attribute 'olcTLSCertificateFile' not allowed

Hi Betsy,
I would suggest using slapcat to export the config database and clean up the invalid attribute values that were incorrectly added to the bdb database.
After that, I would advise:
a) Upgrading to a current openldap release
b) Switching to back-mdb, assuming a 64-bit OS.
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
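
One way to locate the entries to clean up in an exported config database, as an added example that is not part of the original messages. The sample LDIF is constructed, the function names are hypothetical, and the check assumes olcTLS* attributes are only valid on the global cn=config entry, which matches the object class violation quoted above.

```python
import re

# Constructed sample shaped like `slapcat -n 0` output (not from the original post).
SAMPLE_LDIF = """\
dn: cn=config
objectClass: olcGlobal
cn: config
olcTLSCertificateFile: /etc/openldap/certs/example.crt

dn: olcDatabase={2}bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: {2}bdb
olcSuffix: dc=example,dc=com
olcTLSCertificateFile: /etc/openldap/certs/example.crt
olcTLSCertificateKeyFile: /etc/openldap/certs/
 example.key

dn: olcOverlay={0}syncprov,olcDatabase={2}bdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
"""

def parse_entries(ldif_text):
    """Return [(dn, [attribute names])] with RFC 2849 folded lines rejoined."""
    unfolded = re.sub(r"\r?\n ", "", ldif_text)
    entries = []
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        dn, attrs = None, []
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue  # skip comments and anything that is not attr: value
            name, _, value = line.partition(":")
            if name.lower() == "dn":
                dn = value.strip()
            else:
                attrs.append(name)
        if dn:
            entries.append((dn, attrs))
    return entries

def find_misplaced_tls(ldif_text):
    """List (dn, attribute) pairs where an olcTLS* attribute is not on cn=config."""
    return [(dn, a) for dn, attrs in parse_entries(ldif_text)
            if dn.lower() != "cn=config"
            for a in attrs if a.lower().startswith("olctls")]

if __name__ == "__main__":
    for dn, attr in find_misplaced_tls(SAMPLE_LDIF):
        print(f"{attr} does not belong on {dn}")
```
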