Thanks to your help, I've discovered I need to increase the size of my mdb MaxSize. I created the following LDIF file to increase it by a factor of 10:
dn: olcDatabase={1}mdb,cn=config changetype: modify add: olcDbMaxSize olcDbMaxSize: 104857600
Now I can make changes to the LDAP directory itself, but when I try to make changes to the OLC data, like this change, I get an Insufficient access error:
$ ldapmodify -v -f mdb.ldif add olcDbMaxSize: 104857600 modifying entry "olcDatabase={1}mdb,cn=config" ldap_modify: Insufficient access (50)
How can I overcome this and give myself access to make these changes in the future? In the past I was advised to do a slapcat of the OLC database, make my changes, and then do a slapadd of the modified LDIF file.. Unfortunately, I forget details of that magical incantation, and I'd also like to make so I have the necessary privileges to make these changes in the future through LDIF changes like the one above.
All you help is greatly appreciated. I know these answers are probably in the manual, and "RTFM" might be justified, but I'm a little under the gun trying to get a formerly working system up and running again, and I still haven't fully grasped OLC yet.
--On Thursday, January 23, 2020 12:12 PM -0500 Prentice Bisbal pbisbal@pppl.gov wrote:
$ ldapmodify -v -f mdb.ldif add olcDbMaxSize: 104857600 modifying entry "olcDatabase={1}mdb,cn=config" ldap_modify: Insufficient access (50)
How can I overcome this and give myself access to make these changes in the future?
Only identities that have write access to the cn=config database can modify it. We have no insight into how your slapd is configured for that access, so that's really the most information I can provide. I would suggest examining your configuration to see how access to cn=config is delegated.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org