On 9/13/24 1:50 PM, Quanah Gibson-Mount wrote:
--On Friday, September 13, 2024 1:50 PM -0400 Brendan Kearney bpk678@gmail.com wrote:
[brendan@x1titanium ~]$ ldapmodify
SASL/GSSAPI authentication started
SASL username: brendan@BPK2.COM
SASL SSF: 256
SASL data security layer installed.
dn: dc=bpk2,dc=com
changetype: modify
delete: cACertificate;binary
-
delete: cAPrivateKey;binary
-
delete: objectClass
objectClass: autoCA

modifying entry "dc=bpk2,dc=com"
ldap_modify: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax
Hm, that seems like a bug.
[brendan@x1titanium ~]$ ldapmodify
SASL/GSSAPI authentication started
SASL username: brendan@BPK2.COM
SASL SSF: 256
SASL data security layer installed.
dn: dc=bpk2,dc=com
changetype: modify
delete: cACertificate;binary
-
delete: cAPrivateKey;binary

modifying entry "dc=bpk2,dc=com"
ldap_modify: Object class violation (65)
additional info: unrecognized objectClass 'autoCA'
This seems to think the module is not present. I wonder if by setting it to invalid it doesn't register the objectClass which makes it impossible to clean up. Howard will have to answer how you get out of this situation.
--Quanah
there seems to be more at play than meets the eye. i am now running weekly backups of the config and DIT, using slapcat, and i am getting empty backup files. my nas was offline for a bit, as i blew it up and had to rebuild it. i hadn't noticed the failed backups during the rebuild of the nas. now when i run the below script, it completes with only intermittent success...
#!/bin/bash
name=`hostname`
date=$(date +%b-%d-%Y)
/sbin/slapcat -n0 -l /root/$name.config.$date.ldif
/sbin/slapcat -n2 -l /root/$name.bpk2.$date.ldif
mv /root/$name.*.ldif /backups/
if i run just "slapcat -n0" from the command line, i sometimes get the LDIF output, while other times i get the following error:
[root@server1 ~]# slapcat -n0
PROXIED attributeDescription "OU" inserted.
PROXIED attributeDescription "DC" inserted.
olcAutoCAserverClass: value #0: <olcAutoCAserverClass> handler exited with 1!
config error processing olcOverlay={5}autoca,olcDatabase={2}mdb,cn=config: <olcAutoCAserverClass> handler exited with 1
slapcat: bad configuration file!
something is absurdly wrong, and i cannot delete the Auto CA attributes in the DIT, in order to properly remove the overlays. now, this is causing backups to fail. what do i have to do, to rid my environment of the Auto CA functionality and restore proper backup functionality?
thanks,
brendan
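
A fail-loud variant of the backup job in the message above, as an added example that is not part of the thread or of OpenLDAP: it publishes a dump only when slapcat exits 0 and the file contains at least one LDIF entry, and returns non-zero otherwise so the scheduler reports the failure instead of leaving an empty file in /backups. The DUMP_CMD, STAGE_DIR and DEST_DIR variables, the function names and the --run switch are assumptions made for this example.

```bash
#!/bin/bash
# Added example: publish a slapcat dump only if it verifiably succeeded.
# DUMP_CMD, STAGE_DIR, DEST_DIR and --run are assumptions for illustration.
DUMP_CMD="${DUMP_CMD:-/sbin/slapcat}"
STAGE_DIR="${STAGE_DIR:-/root}"
DEST_DIR="${DEST_DIR:-/backups}"

# backup_db <db-number> <label>
# Dumps one database to a staging file, then moves it to DEST_DIR only if
# the dump command exited 0 and the file holds at least one "dn: " line.
backup_db() {
    local dbnum="$1" label="$2" host stamp tmp rc=0
    host=$(hostname 2>/dev/null || uname -n)
    stamp=$(date +%b-%d-%Y)
    # mktemp creates the file with mode 0600; the dump holds credentials
    # and, in this DIT, the cAPrivateKey attribute.
    tmp=$(mktemp "$STAGE_DIR/$host.$label.XXXXXX") || return 1

    "$DUMP_CMD" -n"$dbnum" -l "$tmp" 2>"$tmp.err" || rc=$?
    if [ "$rc" -ne 0 ]; then
        echo "backup $label: $DUMP_CMD exited $rc: $(tail -n1 "$tmp.err")" >&2
    elif ! grep -q '^dn: ' "$tmp"; then
        echo "backup $label: dump has no LDIF entries" >&2
        rc=1
    fi
    rm -f "$tmp.err"
    if [ "$rc" -ne 0 ]; then
        rm -f "$tmp"          # never publish a partial or empty dump
        return 1
    fi
    mv "$tmp" "$DEST_DIR/$host.$label.$stamp.ldif"
}

# run_backups: attempts both databases from the original script and
# returns non-zero if either failed, so cron or systemd flags the run.
run_backups() {
    local failed=0
    backup_db 0 config || failed=1
    backup_db 2 bpk2   || failed=1
    return "$failed"
}

# Run only when invoked as: script --run
if [ "${1:-}" = "--run" ]; then
    run_backups
    exit $?
fi
```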