Re: 2.1 upgrade issue

["John Madden" <jmadden@ivytech.edu>]

> As 2.1.6 is considered the most stable version available, I attempted to
> upgrade from 2.0.x this weekend and failed pretty miserably.  Even my
> LDIF dump of the 2.0.x databases weren't compatible and had to be
> manually modified for slapadd to not complain about them.  The most
> strange issue is that browsing beyond the root of the directory is not
> possible, although ldapsearch does work if a deeper search base is
> specified.  Then there's the lack of LDAP2 binds, which I found how to
> configure around from the list archives.

(Replying to my own post here...)

I've pulled a bit more info from slapd.  It seems the "No such object"
errors  with the search base of the root appear to be a typical
"insufficient access":

conn=14 op=0 BIND dn="" method=128
conn=14 op=0 RESULT tag=97 err=0 text=
conn=14 op=1 SRCH base="dc=ivy,dc=tec,dc=in,dc=us" scope=2
filter="(objectClass=*)"
conn=14 op=1 RESULT tag=101 err=32 text=
conn=14 op=2 UNBIND

However, this is with only a single ACL: access to * by * read.  Change
the search base to one level below the root, say,
ou=people,dc=ivy,dc=tec,dc=in,dc=us, and everything works as expected.  So
why not at the root?

Further troubles: Passwords encrypted with the typical {CRYPT} hashes seem
to no longer work: I can't bind against them anymore:

conn=0 op=0 BIND
dn="ctCalXItemId=00100:00001,ou=admins,ou=ctime,ou=Applications,dc=ivy,dc=tec,dc=in,dc=us"
method=128
conn=0 op=0 RESULT tag=97 err=49 text=

..."Invalid credentials."

So I ask again: Is there a document anywhere outlining the changes in
operation made since v2.0.x?  Does anyone have any suggestions on how to
make the migration smoothly?

Thanks,
  John





-- 
John Madden
UNIX Systems Engineer
Ivy Tech State College
jmadden@ivytech.edu