[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: help to get our openldap updated and replicated

To: openldap-technical@openldap.org
Subject: Re: help to get our openldap updated and replicated
From: Dieter Klünter <dieter@dkluenter.de>
Date: Thu, 23 Aug 2018 11:54:19 +0200
In-reply-to: <44c05647-c854-cf3d-3430-0de3fda43ca6@genome.arizona.edu>
Organization: AVCI
References: <44c05647-c854-cf3d-3430-0de3fda43ca6@genome.arizona.edu>

Am Tue, 21 Aug 2018 15:50:49 -0700
schrieb admin@genome.arizona.edu:

> Hi all, I am about the 4th sysadmin for our organization, and our 
> openldap is old, 2.4.40 system version for CentOS 6.9.  Also there
> might have been incorrect modifications to the slapd.d files since it
> was really difficult to update things.  The olcRootDN was set to
> "cn=config" somehow so I had to manually update that to the Manager
> account and figure out the CRC32 and everything, but at least I could
> make some updates now.

The cn=config rootDN is correct, if this is bound to a config database.

> Anyway, I would like to get our installation updated to a current 
> version, as well as set up some sort of replication with our other 
> server, in case one goes down then our users could still login and
> use our applications, or I could still add/delete users.  Perhaps a 
> multi-master config would be best?  (Also maybe update the databases
> too since they are using bdb format?  but maybe that is just
> unnecessary extra work)  I tried to setup replication by following a
> guide, but was not successful and actually made things worse for our
> demon, so had to undo the changes for now.  I guess 2.4.40 has some
> problems with replication anyway from what I've heard.

A simple mirror mode schould work anyhow.

> First, to get openldap updated, would it be as simple as compiling
> the new version and then updating the init script /etc/init.d/slapd
> to point to the new binaries?  I would stop slapd and get a backup of 
> /etc/openldap and /var/lib/ldap.  Then I could just leave our current 
> config in /etc/openldap and databases in /var/lib/ldap?  I've already 
> built the new version and "make test" was successful so am ready to 
> proceed from there with your assistance and suggestions.

1. slapcat(8) the old database to a file,
2. install libraries and binaries
3. setup a new config database, that is: creat a slapd.conf file to
   your requirements, configure a slapd-mdb(5) database, load the
   database file by slapadd(8), slaptest(8) will create a config
   database.


-Dieter  

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E

References:
- help to get our openldap updated and replicated
  - From: admin@genome.arizona.edu

Prev by Date: Re: OpenLDAP instances crashes
Next by Date: Antw: Re: OpenLDAP instances crashes
Index(es):
- Chronological
- Thread