On Tue, 21 Aug 2018 15:50:49 -0700
> Hi all, I am about the 4th sysadmin for our organization, and our
> openldap is old, 2.4.40 system version for CentOS 6.9. Also there
> might have been incorrect modifications to the slapd.d files since it
> was really difficult to update things. The olcRootDN was set to
> "cn=config" somehow so I had to manually update that to the Manager
> account and figure out the CRC32 and everything, but at least I could
> make some updates now.

The cn=config rootDN is correct, if this is bound to a config database.

> Anyway, I would like to get our installation updated to a current
> version, as well as set up some sort of replication with our other
> server, in case one goes down then our users could still log in and
> use our applications, or I could still add/delete users. Perhaps a
> multi-master config would be best? (Also maybe update the databases
> too since they are using bdb format? but maybe that is just
> unnecessary extra work) I tried to set up replication by following a
> guide, but was not successful and actually made things worse for our
> daemon, so had to undo the changes for now. I guess 2.4.40 has some
> problems with replication anyway from what I've heard.

A simple mirror mode should work anyhow.

> First, to get openldap updated, would it be as simple as compiling
> the new version and then updating the init script /etc/init.d/slapd
> to point to the new binaries? I would stop slapd and get a backup of
> /etc/openldap and /var/lib/ldap. Then I could just leave our current
> config in /etc/openldap and databases in /var/lib/ldap? I've already
> built the new version and "make test" was successful so am ready to
> proceed from there with your assistance and suggestions.

1. slapcat(8) the old database to a file,
2. install libraries and binaries
3. set up a new config database, that is: create a slapd.conf file to
your requirements, configure a slapd-mdb(5) database, load the
database file by slapadd(8), slaptest(8) will create a config
Dieter Klünter | Systemberatung
GPG Key ID: E9ED159B
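
The question mentions hand-edited slapd.d files and recomputing the CRC32 by hand. As an added example (not part of the thread and not OpenLDAP's own code), this Python check flags slapd.d LDIF files whose stored checksum no longer matches their content before they are carried into a migration. It assumes the usual two-line header ("# AUTO-GENERATED FILE ..." then "# CRC32 xxxxxxxx") and that the checksum covers every byte after those two lines; the sample entry and the function names are constructed for illustration.

```python
import re
import sys
import zlib

# Second header line of a slapd.d file: "# CRC32 " plus 8 hex digits (assumed format).
CRC_LINE = re.compile(rb"^# CRC32 ([0-9a-fA-F]{8})\s*$")


def check_slapd_d_crc(raw: bytes):
    """Return (status, stored, computed) for the bytes of one slapd.d LDIF file.

    status is "ok", "mismatch" or "no-header".
    Assumption: the CRC32 covers everything after the first two header lines.
    """
    parts = raw.split(b"\n", 2)
    if len(parts) < 3 or not parts[0].startswith(b"# AUTO-GENERATED FILE"):
        return ("no-header", None, None)
    match = CRC_LINE.match(parts[1])
    if not match:
        return ("no-header", None, None)
    stored = match.group(1).decode().lower()
    computed = format(zlib.crc32(parts[2]) & 0xFFFFFFFF, "08x")
    return ("ok" if stored == computed else "mismatch", stored, computed)


def with_header(body: bytes) -> bytes:
    """Prefix body with a matching header (builds the constructed sample)."""
    crc = format(zlib.crc32(body) & 0xFFFFFFFF, "08x").encode()
    return (b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n"
            b"# CRC32 " + crc + b"\n" + body)


# Constructed sample entry, not taken from the thread.
SAMPLE_BODY = (
    b"dn: olcDatabase={0}config\n"
    b"objectClass: olcDatabaseConfig\n"
    b"olcDatabase: {0}config\n"
    b"olcRootDN: cn=config\n"
)
SAMPLE = with_header(SAMPLE_BODY)
# The same file after a hand edit that left the old checksum in place.
HAND_EDITED = SAMPLE.replace(b"olcRootDN: cn=config",
                             b"olcRootDN: cn=Manager,dc=example,dc=com")

if __name__ == "__main__":
    # Usage: python check_crc.py /etc/openldap/slapd.d/cn=config/*.ldif
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, *check_slapd_d_crc(fh.read()))
```

Files reported as "mismatch" were changed outside ldapmodify and are worth diffing against a backup before their settings are copied into a new slapd.conf.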