OpenLDAP migration from 2.3 to 2.4
Hi All,
I'm currently in the process of moving from v2.3 to 2.4 and have been
following the procedure shown in the documentation for switching from the
old slapd.conf to the new cn= format, i.e. slaptest -f <path> -F <path> .
If I copy over slapd.conf from my old server and run slapd -d 256 , it
starts perfectly and answers queries, etc. If, on the other hand, I run
the slaptest command shown above I get the following:
<= str2entry(cn={1}core) -> 0x7fda53d38798
=> access_allowed: search access to "cn={1}core,cn=schema,cn=config"
"objectClass" requested
<= root access granted
=> access_allowed: search access granted by manage(=mwrscxd)
olcAttributeTypes: value #0 olcAttributeTypes: Duplicate attributeType:
"2.5.4.2"
config error processing cn={1}core,cn=schema,cn=config: olcAttributeTypes:
Duplicate attributeType: "2.5.4.2"
send_ldap_result: conn=-1 op=0 p=0
send_ldap_result: err=80 matched="" text=""
slapd destroy: freeing system resources.
slapd stopped.
connections_destroy: nothing to destroy.
I've been around Google and have found no solutions. My slapd.conf is
years old and was made according to the smbldap tutorial originally
written by IDEALX. The file is shown below and any info is welcome.
Thanks,
Julian
####slapd.conf ####
# slapd.conf carried over from an OpenLDAP 2.3 server: one bdb database with
# the Samba schema and a set of per-attribute access rules.
#
# NOTE(review): slapd.conf treats a line that begins with whitespace as a
# continuation of the previous line. The "by ..." clauses and the wrapped
# "attrs=..." lines below are shown at column 0, presumably because the mail
# archive stripped the indentation; they need leading whitespace to be parsed
# as part of their "access to" directive.

# Schema files, loaded in the order listed. samba.schema presumably supplies
# the samba* attributes named in the index and access directives below.
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
# Start of the single database definition: bdb backend, data in /var/lib/ldap.
database bdb
directory /var/lib/ldap
suffix "dc=bordengrammar,dc=kent,dc=sch,dc=uk"
# slapd does not apply access control to the rootdn, so this identity
# bypasses every "access to" rule further down.
rootdn "cn=Administrator,dc=bordengrammar,dc=kent,dc=sch,dc=uk"
# Maximum number of entries returned by a single search.
sizelimit 10000
# Seconds before an idle client connection is closed.
idletimeout 3700
# Salted SHA-1 hash of the rootdn password (value redacted by the poster).
# The file carries the rootdn credential, so it should be readable only by
# the account slapd runs as.
rootpw {SSHA}<removed>
# Attribute indexes: eq = equality, pres = presence, sub = substring,
# subinitial = initial-substring matching.
index objectClass,uidNumber,gidNumber eq
index cn,sn,uid,displayName pres,sub,eq
index memberUid,mail,givenname eq,subinitial
index sambaSID,sambaPrimaryGroupSID,sambaDomainName eq
# NOTE(review): both TLS directives are commented out, so this file configures
# no TLS. Unless it is provided elsewhere, simple binds and password writes
# cross the network unencrypted.
# TLSCertificateFile /etc/openldap/cacerts/ldap.cert
# TLSCertificateKeyFile /etc/openldap/cacerts/ldap.key
# Access rules. slapd evaluates "access to" directives in file order and stops
# at the first one whose target matches the entry/attribute; within it, the
# first matching "by" clause decides. Order is therefore significant.
#
# Rule 1: password attributes. The owner may write, unauthenticated clients
# may use the value only to bind (auth), everyone else gets nothing.
# NOTE(review): because this rule matches first, the DSA write grants on the
# same attributes in the later rule never apply to userPassword,
# sambaLMPassword or sambaNTPassword.
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by self write
by anonymous auth
by * none
# Rule 2: everything else is readable by anyone, including anonymous clients.
# NOTE(review): "access to *" matches every entry and attribute not caught by
# rule 1, so every rule below this point appears to be unreachable. As written,
# attributes such as sambaPwdLastSet, sambaPwdMustChange and
# sambaPasswordHistory are world-readable, and none of the DSA accounts has
# write access. If the later rules are intended to take effect, this catch-all
# has to move to the end of the list - confirm the intended policy first.
access to *
by * read
# Password and password-ageing attributes: write for the samba, smbldap-tools
# and nssldap service accounts and for the owner; auth-only for anonymous.
# (Not reached as the file is ordered; see the note on rule 2.)
access to
attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=nssldap,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by self write
by anonymous auth
by * none
# POSIX account/group identity attributes: write for samba and smbldap-tools,
# read for everyone else.
access to
attrs=objectClass,entry,homeDirectory,uid,uidNumber,gidNumber,memberUid
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by * read
# Descriptive and contact attributes: write for the two service accounts and
# the owner, read for everyone else.
access to
attrs=description,telephoneNumber,roomNumber,homePhone,loginShell,gecos,cn,sn,givenname
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by self write
by * read
# Samba account attributes: write for the two service accounts and the owner,
# read for everyone else.
# NOTE(review): this list repeats sambaLMPassword and sambaNTPassword and adds
# sambaPasswordHistory with "by * read". Earlier rules win for the two hash
# attributes, but sambaPasswordHistory is covered only here (and by rule 2),
# so it is readable by any client either way - confirm that is intended.
access to
attrs=cn,sambaLMPassword,sambaNTPassword,sambaPwdLastSet,sambaLogonTime,sambaLogoffTime,sambaKickoffTime,sambaPwdCanChange,sambaPwdMustChange,sambaAcctFlags,displayName,sambaHomePath,sambaHomeDrive,sambaLogonScript,sambaProfilePath,description,sambaUserWorkstations,sambaPrimaryGroupSID,sambaDomainName,sambaMungedDial,sambaBadPasswordCount,sambaBadPasswordTime,sambaPasswordHistory,sambaLogonHours,sambaSID,sambaSIDList,sambaTrustFlags,sambaGroupType,sambaNextRid,sambaNextGroupRid,sambaNextUserRid,sambaAlgorithmicRidBase,sambaShareName,sambaOptionName,sambaBoolOption,sambaIntegerOption,sambaStringOption,sambaStringListoption
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by self write
by * read
# Suffix entry itself (dn.base): write for the two service accounts only.
access to dn.base="dc=bordengrammar,dc=kent,dc=sch,dc=uk"
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by * none
# Container entries for users, groups and computers.
# NOTE(review): dn= is given without a style here; slapd.access(5) documents
# the default as base/exact, which would match only the ou entry itself and
# not the entries beneath it. Use dn.subtree (or similar) if the children are
# meant to be covered - confirm the intended scope.
access to dn="ou=Users,dc=bordengrammar,dc=kent,dc=sch,dc=uk"
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by * none
access to dn="ou=Groups,dc=bordengrammar,dc=kent,dc=sch,dc=uk"
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by * none
access to dn="ou=Computers,dc=bordengrammar,dc=kent,dc=sch,dc=uk"
by dn="cn=samba,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by dn="cn=smbldap-tools,ou=DSA,dc=bordengrammar,dc=kent,dc=sch,dc=uk" write
by * none
# Final catch-all: read for cn=slapmaster and for each entry's owner, nothing
# for anyone else. This is the restrictive default the earlier "access to *"
# currently pre-empts.
access to *
by dn="cn=slapmaster,ou=Users,dc=bordengrammar,dc=kent,dc=sch,dc=uk" read
by self read
by * none