So, a more simple question...
Can I install a current version of OpenLDAP on a current RedHat/Centos
server (specially built for this purpose.
Then use slapcat to export the information from the old server, import
it to the new server, where the admin password is not corrupt.
Can I import the schemas or are there likely substantial changes to the
schemas across versions?
My goals are to create a new LDAP server running Centos/Redhat, transfer
20 users and allow them to keep their existing passwords, allow them to
access my servers, and allow them authentication to samba.
and create an LDAP slave (or cluster)
not sure if syncrepl is the current way to go.
I have root to the server, but I do not have the admin password to the
Openldap 2.2 as it became corrupted somehow.
On 07/24/2016 09:15 PM, Aaron Richton wrote:
On Fri, 22 Jul 2016, Dan Hyatt wrote:
> My admin openLDAP 2.2 password became corrupt in the last week and I
> I found some instructions which seem simple risky and no backout
> strategy. Simply running
That link (apparently from 2011) doesn't apply to your software from
2003. There's no back-config in OpenLDAP 2.2. So don't try that...
@(#) $OpenLDAP: slapd 2.2.13 (Nov 26 2010 07:45:22) $
> Having the LDAP on two separate hyper visors (with local disks) to
> avoid the storage/authentication chicken/egg
> Is there a better upgrade plan
Are you saying that your one and only LDAP server uses itself for its
Authentication and Authorization?
The server provides authentication and authorization for my group. The
server only does LDAP and home dirs.
I want to upgrade it to Centos 6.8 or Centos 7 (that is equal to redhat
6.8 or redhat 7) on a hypervisor with a slave running the current
> I have the log files, is there a way to backout to last week without
> the admin password (which became corrupt last week).
I'm not sure what you're referring to by "log files." The general-case
OpenLDAP backup tool is slapcat(8). Hopefully you have been running it
routinely. The resulting LDIF can be easily inspected; if you have
enough backups, you might even be able to find one without corruption.
We took over responsibility the LDAP in December, there was not a happy
handoff... no documenation..just the password and had to move it to the