[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapcat output from 2.0.21 to slapadd to openldap-2.3.24

The question might seem like it's on the level of "Why do people make
spelling errors?", but it seems like many others who are running older
openldap servers migrating to newer servers also have had this
problem.  Did the standards change?

I don't think the standards changed; OpenLDAP 2.0.21 was in error for allowing it. This error has been realized and corrected, as you see in the recent version.

I guess the best approach is to make sure I have legit data on the new
server and then cutover and pray that applications that use the ldap
server continue on working.  If not, then revert back to the old ldap
server and regroup..  Any feedback is greatly appreciated!

Personally, I'd hope that the vast majority of your clients expect data that complies with standards and will work better with cleaned up data on 2.3 than non-compliant data on 2.0. However, it is conceivable that you have applications that sadly depend on the broken data. In the absence of a 2.3-based UA/testing environment (which would probably be a very clean solution), your approach sounds like a balance between possible bug-for-bug compatibilities and trying to upgrade your infrastructure quickly.