Hi everyone,
I'm actually stuck trying to set up an OpenLDAP implementation on my server running debian/slapd. Based on the hostname of the server (server.foo.bar) slapd automatically sets up the base config with dc=foo,dc=bar as BaseDN. This runs fine and I can connect successfully. However, I actually want the BaseDN for the LDAP structure to rely on the subdomain ldap.foo.bar (dc=ldap,dc=foo,dc=bar). How can I accomplish this?
I already tried to fiddle around with ldapmodify/ldif-files, but the only thing I found online where descriptions of how to add a node, not how to change the root node.
This post on SO:
https://stackoverflow.com/questions/19537319/change-basedn-in-openldap only explains how to rename an existing setup (and even there I can't imagine there isn't a more native way of changing the BaseDN).
Thanks in advance!
On Wed, Aug 7, 2019 at 2:03 PM Dominique Fuchs d.fuchs91@icloud.com wrote:
Hi everyone,
I'm actually stuck trying to set up an OpenLDAP implementation on my server running debian/slapd. Based on the hostname of the server (server.foo.bar) slapd automatically sets up the base config with dc=foo,dc=bar as BaseDN. This runs fine and I can connect successfully. However, I actually want the BaseDN for the LDAP structure to rely on the subdomain ldap.foo.bar (dc=ldap,dc=foo,dc=bar). How can I accomplish this?
It's not slapd defaulting to that base suffix, that comes from the debian (and ubuntu) packaging.
If you just started and don't have "real" data in there yet, it's probably easier to just reconfigure the package with "sudo dpkg-reconfigure slapd" and answer the questions. This will start fresh from the new basedn.
Hi,
Am 07.08.2019 um 19:07 schrieb Andreas Hasenack andreas@canonical.com
It's not slapd defaulting to that base suffix, that comes from the debian (and ubuntu) packaging.
If you just started and don't have "real" data in there yet, it's probably easier to just reconfigure the package with "sudo dpkg-reconfigure slapd" and answer the questions. This will start fresh from the new basedn.
thank you too, I didn‘t realize the slapd package skips the configuration with it‘s own assumptions. I now went with the solution from Quanah and modified the olcSuffix entry, this worked liked a charme.
On Wed, Aug 07, 2019 at 09:10:30PM +0200, Dominique Fuchs wrote:
Hi,
Am 07.08.2019 um 19:07 schrieb Andreas Hasenack andreas@canonical.com
It's not slapd defaulting to that base suffix, that comes from the debian (and ubuntu) packaging.
If you just started and don't have "real" data in there yet, it's probably easier to just reconfigure the package with "sudo dpkg-reconfigure slapd" and answer the questions. This will start fresh from the new basedn.
thank you too, I didn‘t realize the slapd package skips the configuration with it‘s own assumptions. I now went with the solution from Quanah and modified the olcSuffix entry, this worked liked a charme.
If you change olcSuffix by hand like that, you must also either change the existing content in the database, or drop and recreate the data yourself with the new suffix. Otherwise, if you just start adding new content while the stale content is still there, you'll hit https://bugs.debian.org/546368 on a future upgrade.
dpkg-reconfigure drops and recreates the database for you, so you wouldn't have to worry about that. (But don't do it if you already have data in there that you care about!)
--On Wednesday, August 07, 2019 3:43 PM +0000 Dominique Fuchs d.fuchs91@icloud.com wrote:
Hi everyone,
I'm actually stuck trying to set up an OpenLDAP implementation on my server running debian/slapd. Based on the hostname of the server (server.foo.bar) slapd automatically sets up the base config with dc=foo,dc=bar as BaseDN. This runs fine and I can connect successfully. However, I actually want the BaseDN for the LDAP structure to rely on the subdomain ldap.foo.bar (dc=ldap,dc=foo,dc=bar). How can I accomplish this?
If the database is empty, something like (as the root user):
ldapmodify -Y EXTERNAL -H ldapi:/// dn: olcDatabase={#}mdb,cn=config changetype: modify replace: olcSuffix olcSuffix: dc=ldap,dc=foo,dc=bar
But you'll need to know the database weight value.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Hi
Am 07.08.2019 um 19:11 schrieb Quanah Gibson-Mount quanah@symas.com:
If the database is empty, something like (as the root user):
ldapmodify -Y EXTERNAL -H ldapi:/// dn: olcDatabase={#}mdb,cn=config changetype: modify replace: olcSuffix olcSuffix: dc=ldap,dc=foo,dc=bar
Thanks a lot for the quick response. I didn‘t correctly specify the dn line (db entry) with ldapmodify. This worked perfectly.
Thanks again, Dominique
Dominique Fuchs d.fuchs91@icloud.com schrieb am 07.08.2019 um 16:43 in
Nachricht b63b9723-ad57-49e6-ae37-1cc63ace6f74@me.com:
Hi everyone,
I'm actually stuck trying to set up an OpenLDAP implementation on my server running debian/slapd. Based on the hostname of the server (server.foo.bar) slapd automatically sets up the base config with dc=foo,dc=bar as BaseDN. This runs fine and I can connect successfully. However, I actually want the BaseDN for the LDAP structure to rely on the subdomain ldap.foo.bar (dc=ldap,dc=foo,dc=bar). How can I accomplish this?
I already tried to fiddle around with ldapmodify/ldif-files, but the only thing I found online where descriptions of how to add a node, not how to change the root node.
Export the database, delete the database, edit the exported database, and then re-import the modified database?
This post on SO:
https://stackoverflow.com/questions/19537319/change-basedn-in-openldap only explains how to rename an existing setup (and even there I can't imagine there isn't a more native way of changing the BaseDN).
Thanks in advance!
openldap-technical@openldap.org
-
Andreas Hasenack -
Dominique Fuchs -
Quanah Gibson-Mount -
Ryan Tandy -
Ulrich Windl