[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Migrating from slapd 2.3 to 2.4



--On Monday, May 21, 2012 1:58 PM -0400 Bobby Krupczak <rdk@krupczak.org> wrote:

Hi!

I'm not sure I understand your point.  I used the client and server
builds that came with fedora.  If I don't use their server build, I'd
have to go re-build it, yes?  If I had to do that with other packages,
I'd double my work.  Also, the distros issue patches and it's nice to
have them pushed out to me.  I'm not sure why we're discussing the merits
of distros or not to distro.

You can take the advise of someone who has been running OpenLDAP for over a decade, or you can continue to fail. Your choice. My point was, you can build the OpenLDAP binaries out to your own custom location for running it as a server, and leave the distro build in place for anything that is linked to its libraries.

I will also note that distro "patches" for OpenLDAP are not updating OpenLDAP to current versions. They are purely backports of a specific security issue. Backports of actual later releases are not done by most distros, and especially not rhel/fedora.

I would strongly advise reading:
<http://www.openldap.org/faq/data/cache/1456.html>
and
<http://www.openldap.org/software/release/changes.html>

Anyway, I'm really struggling with conf to olc migration and the lack of
tls primitives.  If this a bug in 2.4.26, I get that and will
download/build a later version but if it's not, I'm not sure what the
payoff is.

In your last email, you failed to show the source of your "find" command. As has been mentioned more than once now, no one else is having them fail to migrate. It still remains entirely possible you are looking in the wrong location.

Here's an example of helpful output:
root@zre-ldap004:/opt/zimbra/data/ldap/config# pwd
/opt/zimbra/data/ldap/config
root@zre-ldap004:/opt/zimbra/data/ldap/config# ls
cn=config  cn=config.ldif
root@zre-ldap004:/opt/zimbra/data/ldap/config# grep -i olctls *
cn=config.ldif:olcTLSCertificateFile: /opt/zimbra/conf/slapd.crt
cn=config.ldif:olcTLSCertificateKeyFile: /opt/zimbra/conf/slapd.key
cn=config.ldif:olcTLSCACertificatePath: /opt/zimbra/conf/ca
cn=config.ldif:olcTLSCRLCheck: none
cn=config.ldif:olcTLSVerifyClient: never

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration