[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: upgrading openldap?



Hi,

juliano <juliano@fcdl-sc.org.br> writes:

> To upgrading from 2.1.30 to 2.3.4 im planning to do:
>
> 1-  slapcat -l base.ldif
> 2-  stop slapd slurpd
> 2-  Compile fresh 2.3.4
> 3-  make install fresh 2.3.4
> 4-  'rm -rf  *' on my old database directory
> 5-  Keep exactly my old slapd.conf from 2.1.30
> 6-  Copy my schemas again to ./schema directory
> 6-  start slapd slurpd
> 7-  slapadd -l base.ldif

You should probably change slapd.conf and
switch 6 to 7 and 7 to 6

> Below i post my slapd.conf, I will be able to have problems with
> sintax/regex ?
> Cheers!, Juliano.
>
> include         /usr/local/etc/openldap/schema/core.schema
> include         /usr/local/etc/openldap/schema/cosine.schema
> include         /usr/local/etc/openldap/schema/inetorgperson.schema
> include         /usr/local/etc/openldap/schema/nis.schema
> include         /usr/local/etc/openldap/schema/samba.schema
> allow bind_v2
>
> pidfile         /usr/local/var/slapd.pid
> argsfile        /usr/local/var/slapd.args
>
>
> database ldbm

You may want to read
http://www.openldap.org/faq/data/cache/1165.html
http://www.openldap.org/faq/data/cache/1167.html

If you switch to bdb, don't forget to create a DB_CONFIG file prior to
slapadd your ldif file.

> suffix "dc=rumonorte,dc=org"
> rootdn "cn=Manager,dc=rumonorte,dc=org"
> rootpw simplee123
> directory /usr/local/var/openldap-data
> index cn,sn,uid,displayName     pres,sub,eq
> index uidNumber,gidNumber       eq
> index sambaSID                  eq
> index sambaPrimaryGroupSID      eq
> index sambaDomainName           eq
> index objectclass               pres,eq
> index default                   sub
>
> access to attribute=userPassword,sambaNTPassword,sambaLMPassword
>        by dn="cn=Manager,dc=rumonorte,dc=org" write
>        by anonymous auth
>        by self write
>        by * none
>
> access to dn.base="" by * read
>
> access to *
>        by dn="cn=Manager,dc=rumonorte,dc=org" write
>        by * read

man slapd.access(5) and
http://www.openldap.org/faq/data/cache/189.html
will give you additional hints on how to define
access rules.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53