[CentOS] OpenLDAP on CentOS 6.3

Fri Oct 19 19:33:34 UTC 2012
Patrick Lists <centos-list at puzzled.xs4all.nl>

On 10/19/2012 08:28 PM, Hugh E Cruickshank wrote:
> From: Keith Keller Sent: October 16, 2012 22:33
>> On 2012-10-17, Patrick Lists <centos-list at puzzled.xs4all.nl> wrote:
>>> On the mailing list it was recommended by several subscribers to
>>> upgrade to the latest openldap release (2.4.33) due to the many
>>> fixes in the dynamic config backend and the logic that can
>>> transform an slapd.conf into a cn=config version.
>> I could be wrong, but I think this logic already exists in the latest
>> OpenLDAP package in CentOS 6.3.  At least, I tried it myself
>> last week--

According to the OpenLDAP devs there are quite a few bugs in that 
release so YMMV.

>> it's basically -f /path/to/old/slapd.conf -F /etc/openldap/slapd.d/ or
>> something like that.  It seemed to work (though I've done only basic
>> testing on it so far).
> Thank you but without having a working slapd.conf (or for that mater
> any slapd.conf) file I will not be able to take advantage of this.

You need to create the slapd.conf yourself tailored to your needs. 
However there is an example in /usr/share/openldap-servers/. Also have a 
look in the openldap RPM in the %post section where you can see the 
steps it does when creating the dynamic backend config (you can easily 
open an RPM with mc). Since you would migrate a slapd.conf into a 
cn=config version you might as well start with a slapd-config type of 
config which is aimed at cn=config setups. Both the man pages and the 
Admin Guide have all the info. Iirc there are also some examples in the 
openldap sources so you may want to get those and check it out.

Hang in there. I found all this cn=config stuff completely confusing but 
eventually figured out a basic setup with the help of the man pages, 
Admin Guide, Google and sheer luck no doubt :)