On 08/16/2011 10:20 AM, Michael Kershaw wrote:
All, I've currently been tasked with migrating the contents of a contained ldap environment running openldap-2.1 to a new development server running sles11 with openldap-2.3.37. I've begun to populate the new environment, but have hit an "Invalid DN syntax" error that I'm not quite sure how to get around yet.
You might consider using a newer version. The 2.4.x versions of OpenLDAP have treated us well. If your distro of choice doesn't offer a pre-compiled OpenLDAP that's a fairly recent version, compiling from source isn't that difficult.
In the past, when I've upgraded OpenLDAP (particularly, when the newer version was built with a newer version of BerkeleyDB) and I was worried about binary data file compatibility, I've used slapcat and slapadd to copy database contents, rather than ldapadd.
Hit the man pages for slapcat and slapadd on your systems to be sure, but if memory serves, you'd just want to do this on your old LDAP server:

    cd <whatever-dir-contains-your-db-files>
    slapcat -f <your-slapd.conf-file> >/var/tmp/backup.ldif

Then copy the resulting ldif file to your new server and do:

    cd <whatever-dir-will-contain-your-db-files>
    slapadd -f <your-slapd.conf-file> < /var/tmp/backup.ldif

Then start up the new slapd using the freshly generated database files.

Brent
I'm new to ldap from a server point of view, so I'm learning as I chug through this. This piece is what's in the existing 2.1:

    dn: group-name=EDI Technician,ou=group,ou=edi,dc=coat,dc=com
    objectClass: group-roles
    group-name: EDI Technician
    roles: EDI Technician

And when I go to add:

    ldapadd -x -W -D "cn=edi_admin,ou=edi,dc=coat,dc=com" -f ./edi-tech_roles.ldif
    Enter LDAP Password:
    adding new entry "group-name=EDI Technician,ou=group,ou=edi,dc=coat,dc=com"
    ldap_add: Invalid DN syntax (34)
            additional info: invalid DN

Is it the "group-name" that's no longer valid syntax? If so, is there an equivalent? Any help is appreciated!

Mike