--On Monday, July 24, 2023 6:56 PM +0200 Richard Rosner rrosner@fsmuw.rwth-aachen.de wrote:
dn: cn=config objectClass: olcGlobal cn: config olcArgsFile: /var/run/slapd/slapd.args olcLogLevel: none olcPidFile: /var/run/slapd/slapd.pid olcToolThreads: 1 structuralObjectClass: olcGlobal entryUUID: 9a5b5f82-56d4-1039-8be0-4705b1c5590c creatorsName: cn=config createTimestamp: 20190819135427Z olcTLSCACertificateFile: /etc/ssl/certs/geant-intermediates.pem olcTLSCertificateFile: /etc/ssl/certs/auth.domain.de.cert.pem olcTLSCertificateKeyFile: /etc/ssl/private/auth.domain.de.private.pem entryCSN: 20230520140839.289572Z#000000#000#000000 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth modifyTimestamp: 20230520140839Z contextCSN: 20230520140839.289572Z#000000#000#000000
slapadd -F/etc/ldap/slapd.d -n0 -l /var/backups/slapd-2.4.57+dfsg-3+deb11u1/cn=config.ldif
If the above is the contents of cn=config.ldif then it's not a backup that was done into LDIF format, but a copy of your cn=config database that needs to be exported to cn=config. And the formatting is invalid if it has those indents. Saying it isn't "typical" LDIF format does not make it valid. It's either complies with the RFC or it doesn't. :)
--Quanah