3:50 p.m.
Hi all, I am about the 4th sysadmin for our organization, and our
openldap is old, 2.4.40 system version for CentOS 6.9. Also there might
have been incorrect modifications to the slapd.d files since it was
really difficult to update things. The olcRootDN was set to "cn=config"
somehow so I had to manually update that to the Manager account and
figure out the CRC32 and everything, but at least I could make some
updates now.
Anyway, I would like to get our installation updated to a current
version, as well as set up some sort of replication with our other
server, in case one goes down then our users could still login and use
our applications, or I could still add/delete users. Perhaps a
multi-master config would be best? (Also maybe update the databases too
since they are using bdb format? but maybe that is just unnecessary
extra work) I tried to setup replication by following a guide, but was
not successful and actually made things worse for our demon, so had to
undo the changes for now. I guess 2.4.40 has some problems with
replication anyway from what I've heard.
First, to get openldap updated, would it be as simple as compiling the
new version and then updating the init script /etc/init.d/slapd to point
to the new binaries? I would stop slapd and get a backup of
/etc/openldap and /var/lib/ldap. Then I could just leave our current
config in /etc/openldap and databases in /var/lib/ldap? I've already
built the new version and "make test" was successful so am ready to
proceed from there with your assistance and suggestions.
Thanks,
--
Chandler
Arizona Genomics Institute
www.genome.arizona.edu
2:54 a.m.
Am Tue, 21 Aug 2018 15:50:49 -0700
schrieb admin(a)genome.arizona.edu:
Hi all, I am about the 4th sysadmin for our organization, and our
openldap is old, 2.4.40 system version for CentOS 6.9. Also there
might have been incorrect modifications to the slapd.d files since it
was really difficult to update things. The olcRootDN was set to
"cn=config" somehow so I had to manually update that to the Manager
account and figure out the CRC32 and everything, but at least I could
make some updates now.
The cn=config rootDN is correct, if this is bound to a config database.
Anyway, I would like to get our installation updated to a current
version, as well as set up some sort of replication with our other
server, in case one goes down then our users could still login and
use our applications, or I could still add/delete users. Perhaps a
multi-master config would be best? (Also maybe update the databases
too since they are using bdb format? but maybe that is just
unnecessary extra work) I tried to setup replication by following a
guide, but was not successful and actually made things worse for our
demon, so had to undo the changes for now. I guess 2.4.40 has some
problems with replication anyway from what I've heard.
A simple mirror mode schould work anyhow.
First, to get openldap updated, would it be as simple as compiling
the new version and then updating the init script /etc/init.d/slapd
to point to the new binaries? I would stop slapd and get a backup of
/etc/openldap and /var/lib/ldap. Then I could just leave our current
config in /etc/openldap and databases in /var/lib/ldap? I've already
built the new version and "make test" was successful so am ready to
proceed from there with your assistance and suggestions.
1. slapcat(8) the old database to a file,
2. install libraries and binaries
3. setup a new config database, that is: creat a slapd.conf file to
your requirements, configure a slapd-mdb(5) database, load the
database file by slapadd(8), slaptest(8) will create a config
database.
-Dieter
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E
1447
days inactive
1449
days old
openldap-technical@openldap.org
1 comments
2 participants
participants (2)
-
admin@genome.arizona.edu -
Dieter Klünter