Re: Changing the DN of an OpenLDAP server

[masarati@aero.polimi.it]

> I've recently needed to change my domain name.
>
> My OpenLDAP server is currently set to use "dc=master,dc=some,dc=com"
>
> And I need to change it to "dc=master,dc=other,dc=com"
>
> Obviously, the clients will need to be updated as well, but I need to
> start with the server.
>
> I haven't been too successful in finding how to do this; I suspect I'm
> just using the wrong search terms.  Where can I find the documentation
> that explains how to do this?

Not sure what you mean by "changing the DN"; do you already have a
configured database with the old suffix, and you want to change it to
something else?  If the database is empty, you only need to change it (if
you use slapd.conf edit it and change the "suffix" statement and any
related statement, e.g. rootdn and ACLs; if you use back-config modify the
olcSuffix and related statements using e.g. ldapmodify).

If it contains data, you'll need to export data with slapcat, then edit
the resulting LDIF to reflect the change, then reconfigure slapd like in
the above case, and finally reload the modified data.

A "safe" interim approach would be to leave the database with the old
suffix in place, and use an instance of back-relay to produce a virtual
view of the old database with the new suffix, so that old and new
applications can coexist with consistent data.

p.