[Date Prev][Date Next] [Chronological] [Thread] [Top]

missing group



Greetings...

We've been porting our OpenLDAP 1.2 content to OpenLDAP 2.0.11 and we've been experiencing major problems. The greatest issue right now is that not all the user/group definitions make it to OpenLDAP 2.0.11. There are no object/definition constraint errors and I've checked the log numerous times but still these accounts and groups just refuse to upload.

Here is the process

In OpenLDAP 1.2 I issue

/usr/local/sbin/ldbmcat /ldapdb/id2entry.dbb > /tmp/lookup1.ldif

I copy this over to my OpenLDAP 2.0 server and I do the following

Stop slapd
Attempt to overwrite the existing database by doing:
/usr/local/sbin/slapadd -c -v -l /tmp/lookup1.ldif -f /usr/local/etc/openldap/slapd.conf -d 256
2>&1 | tee /dropbox/import_debug.run
This adds fine but when I view the log there's no reported error on the group.
At this time I re-index it just to be safe:
/usr/local/sbin/slapindex
Start slapd


Then I try to do a search and nothing is returned for that group.

The typical group definition that is returned by OpenLDAP 1.2 is:

dn: cn=ASNsp, ou=SubGroup,ou=Group1,o=MyDomain
objectclass: top
objectclass: groupOfNames
cn: ASNsp
member: uid=138@fastsigns.com,ou=Test,ou=TestGroups,o=MyDomain
[ ... snip ...]

and that never gets "uploaded" to the Ldap db.

Before I run slapadd, does it assume that there is no database?
Do I need slapindex -b <suffix> to be more specific? How often should I run it?

jm