[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8150) slapcat cn=config produces LDIF that will not re-load

Full_Name: Andrew Findlay
Version: 2.4.40
OS: CentOS 7
Submission from: (NULL) (2001:8b0:8d0:f7e1:a136:6cef:11df:9726)

When using cn=config it is sometimes necessary to extract the whole config to an
LDIF file, edit it and re-load into an empty directory. Therefore I would expect
the null-edit case to work for any system:

slapcat -F .../config -n 0 -o ldif-wrap=no % e extracted.ldif
rm -rf .../config
mkdir .../config
slapadd -F .../config -n 0 -l extracted.ldif

What I actually get is an error message:
slapadd: dn="olcDatabase={-1}frontend,cn=config" (line=250): (64) value of
single-valued naming attribute 'olcDatabase' conflicts with value present in

The problem is the frontend database entry:

dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: frontend
olcAccess: {0}to *  by * read
structuralObjectClass: olcDatabaseConfig
entryUUID: 35adc8f6-9363-1034-85ee-896d5ca46112
creatorsName: cn=config
createTimestamp: 20150520174137Z
entryCSN: 20150520174137.558106Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20150520174137Z
%SpSpecifically, the '{-1}' in the dn should either be omitted or should also
be present on the olcDatabase attribute in the entry itself.

The problem is in the behaviour of slapcat, but may be related to the fix for