[CentOS] OpenLDAP migration from Centos 5 to 6

Thu May 3 15:07:51 UTC 2012
Craig White <craig.white at ttiltd.com>

On May 1, 2012, at 4:05 PM, Timothy Murphy wrote:

> Giles Coochey wrote:
> 
>>> So I have copied /etc/openldap/slapd.conf from the old server to the new
>>> and also copied the old DB_CONFIG to /var/lib/ldap
>>> (these files are not used under CentOS-6, as far as I can see),
>>> and run
>>> 
>> Under Centos 6.2 openldap uses the new cn=config configuration
>> mechanism, and will ignore your slapd.conf configuration if that
>> mechnism already exists.
> 
> Thanks for your response.
> I know the default config is as you say, but I gave the command
> -----------------------------------
> [root at grover ldap]# slapadd -f /tmp/slapd.conf -l /tmp/ldif
> bdb_monitor_db_open: monitoring disabled; configure monitor database to 
> enable
> -#################### 100.00% eta   none elapsed             26s spd   4.8 
> k/s
> Closing DB...
> -----------------------------------
> I'm pretty sure the file slapd.conf was read by the program,
> as the outcome was different.
> 
>> Try backing up and removing that folder, then your slapd.conf
>> configuration will actually be read.
> 
> I'll try that,
> But have you actually migrated an openLDAP setup from CentOS 5 to 6?
-----
as I understand it (and I have been doing new installs with Ubuntu and not CentOS 6), CentOS 6 uses the dynamic config methodology thereby rendering slapd.conf and the previous methods for configuring ldap useless & down the self-defeating path.

The way to 'migrate' isn't that complicated - you need to do a slapcat of your previous (CentOS 5) openldap server into a file. Then you need to set up the base configuration and database via the dynamic configuration methodology.

I can point you to the methodology for Ubuntu - https://help.ubuntu.com/10.04/serverguide/openldap-server.html and the process on CentOS would almost be the same with the exceptions being the software packages have different names on CentOS and the configuration data would be in /etc/openldap on CentOS and in /etc/ldap in Ubuntu.

I suspect that someone has documented a similar guide for CentOS but I don't know where.

Craig