The pressing matter at this point is that I need to get my server (which is my master node) into a consistent state. As I see it, I have 2 options:

- remove (by some means) the olcOverlay={1}ppolicy,oldDatabase={2}hdb entry since it seems to be the cause of the inability to slapcat the cn=config can this be accomplished manually?

- reimport the cn=config backup I took last week before starting to add the ppolicy bits

My understanding is that at this point, restarting slapd would result in a non-start.

On Mon, Jun 8, 2020 at 10:47 AM Quanah Gibson-Mount quanah@symas.com wrote:

--On Monday, June 8, 2020 11:38 AM -0700 John Alexander jalexander@concentricsky.com wrote:

As Howard noted, there's no indiciation currently that the results of "slapcat" are of the actual config DB being used by slapd.

A copy of an older, unused config also doesn't really help much.

You *could* export the current cn=config being used by slapd via ldapsearch of course.

Regards, Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com