I'm moving my home network server from a Dell server, which has been having some mysterious problems, to an HP MicroServer. Everything - MySQL, OpenVPN, email (dovecot), httpd, etc - except for openLDAP, which is taking more time than everything else put together.
I haven't found any straightforward instructions on this anywhere. The official RedHat document http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-Directory_Servers.html doesn't really tell you what to do.
Basically, I've saved the data on the old server with slapcat > /tmp/ldif and moved ldif to the new server. But when I run slapadd -l /tmp/ldif on the new server I get the response
--------------------------------------
[root@grover ldap]# slapadd -l /tmp/ldif
The first database does not allow slapadd; using the first available one (2)
bdb_db_open: warning - no DB_CONFIG file found in directory /var/lib/ldap: (2).
Expect poor performance for suffix "dc=my-domain,dc=com".
slapadd: line 1: database #2 (dc=my-domain,dc=com) not configured to hold "dc=www,dc=gayleard,dc=com"; no database configured for that naming context
_ 0.29% eta none elapsed none spd 1.1 M/s
Closing DB...
--------------------------------------
So I have copied /etc/openldap/slapd.conf from the old server to the new and also copied the old DB_CONFIG to /var/lib/ldap (these files are not used under CentOS-6, as far as I can see), and run
--------------------------------------
[root@grover ldap]# slapadd -f /tmp/slapd.conf -l /tmp/ldif
bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
-#################### 100.00% eta none elapsed 26s spd 4.8 k/s
Closing DB...
[root@grover slapd.d]# /var/lib
[root@grover lib]# chown -R ldap.ldap ldap
[root@grover lib]# service slapd restart
--------------------------------------
Now I can access http://www.gayleard.com/phpLDAPadmin. There is an icon named "Login" on the left, but I am unable to login with any username/password I can think of, eg root/<root-password>. However, if I click on Anonymous in the login page, I do seem to enter an LDAP database, but with Base dc=my-domain,dc=com
If anyone has successfully navigated this journey I should be very grateful to learn where I am going wrong.
On 01/05/2012 13:12, Timothy Murphy wrote:
> So I have copied /etc/openldap/slapd.conf from the old server to the new and also copied the old DB_CONFIG to /var/lib/ldap (these files are not used under CentOS-6, as far as I can see), and run
Under CentOS 6.2 openldap uses the new cn=config configuration mechanism, and will ignore your slapd.conf configuration if that mechanism already exists.
I think this config is in /etc/openldap/slapd.d/
Try backing up and removing that folder, then your slapd.conf configuration will actually be read.
Giles Coochey wrote:
> > So I have copied /etc/openldap/slapd.conf from the old server to the new and also copied the old DB_CONFIG to /var/lib/ldap (these files are not used under CentOS-6, as far as I can see), and run
> Under CentOS 6.2 openldap uses the new cn=config configuration mechanism, and will ignore your slapd.conf configuration if that mechanism already exists.
Thanks for your response. I know the default config is as you say, but I gave the command
-----------------------------------
[root@grover ldap]# slapadd -f /tmp/slapd.conf -l /tmp/ldif
bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
-#################### 100.00% eta none elapsed 26s spd 4.8 k/s
Closing DB...
-----------------------------------
I'm pretty sure the file slapd.conf was read by the program, as the outcome was different.
> Try backing up and removing that folder, then your slapd.conf configuration will actually be read.
I'll try that. But have you actually migrated an openLDAP setup from CentOS 5 to 6?
On May 1, 2012, at 4:05 PM, Timothy Murphy wrote:
> Giles Coochey wrote:
> > > So I have copied /etc/openldap/slapd.conf from the old server to the new and also copied the old DB_CONFIG to /var/lib/ldap (these files are not used under CentOS-6, as far as I can see), and run
> > Under CentOS 6.2 openldap uses the new cn=config configuration mechanism, and will ignore your slapd.conf configuration if that mechanism already exists.
> Thanks for your response. I know the default config is as you say, but I gave the command
> [root@grover ldap]# slapadd -f /tmp/slapd.conf -l /tmp/ldif
> bdb_monitor_db_open: monitoring disabled; configure monitor database to enable
> -#################### 100.00% eta none elapsed 26s spd 4.8 k/s
> Closing DB...
> I'm pretty sure the file slapd.conf was read by the program, as the outcome was different.
> > Try backing up and removing that folder, then your slapd.conf configuration will actually be read.
> I'll try that. But have you actually migrated an openLDAP setup from CentOS 5 to 6?
----- as I understand it (and I have been doing new installs with Ubuntu and not CentOS 6), CentOS 6 uses the dynamic config methodology thereby rendering slapd.conf and the previous methods for configuring ldap useless & down the self-defeating path.
The way to 'migrate' isn't that complicated - you need to do a slapcat of your previous (CentOS 5) openldap server into a file. Then you need to set up the base configuration and database via the dynamic configuration methodology.
I can point you to the methodology for Ubuntu - https://help.ubuntu.com/10.04/serverguide/openldap-server.html and the process on CentOS would almost be the same with the exceptions being the software packages have different names on CentOS and the configuration data would be in /etc/openldap on CentOS and in /etc/ldap in Ubuntu.
I suspect that someone has documented a similar guide for CentOS but I don't know where.
Craig
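
The first slapadd in the thread fails because no configured database has a suffix that can hold the entries in the export. As an added example (not part of the thread; the function and script names are hypothetical), this pre-flight check compares the first DN of a slapcat export against the suffixes declared in either a slapd.conf file or a slapd.d directory. It assumes the export begins with the suffix entry.

```sh
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Normalise a DN for comparison: lower-case, no spaces around commas.
norm_dn() {
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' | sed 's/ *, */,/g; s/^ *//; s/ *$//'
}

# DN of the first entry in an LDIF, with folded (leading-space) lines joined.
# Assumption: the export starts with the suffix entry; base64 "dn::" is not decoded.
ldif_first_dn() {
    awk '/^dn:/ && !seen { dn = substr($0, 4); seen = 1; next }
         seen && /^ /    { dn = dn substr($0, 2); next }
         seen            { exit }
         END             { sub(/^ +/, "", dn); print dn }' "$1"
}

# Suffixes declared in a slapd.conf file or in a slapd.d (cn=config) directory.
configured_suffixes() {
    if [ -d "$1" ]; then
        grep -rhi '^olcSuffix:' "$1" | sed 's/^[^:]*: *//'
    else
        awk 'tolower($1) == "suffix" { $1 = ""; gsub(/^[ \t]+|"/, ""); print }' "$1"
    fi
}

# Return 0 if a configured suffix equals the LDIF's first DN or is an ancestor of it.
check_import() {
    dn=$(norm_dn "$(ldif_first_dn "$1")")
    configured_suffixes "$2" | (
        while IFS= read -r suffix; do
            s=$(norm_dn "$suffix")
            case "$dn" in
                "$s" | *,"$s") echo "ok: \"$dn\" fits database \"$s\""; exit 0 ;;
            esac
        done
        echo "no database configured to hold \"$dn\"" >&2
        exit 1
    )
}

# Usage: sh check_suffix.sh /tmp/ldif /etc/openldap/slapd.d
if [ "$#" -eq 2 ]; then
    check_import "$1" "$2"
fi
```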