[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Migrating from slapd 2.3 to 2.4


> You can take the advise of someone who has been running OpenLDAP for
> over a decade, or you can continue to fail.  Your choice.  My point

I have no intention of re-inventing the wheel, trust me.

> In your last email, you failed to show the source of your "find"
> command. As has been mentioned more than once now, no one else is
> having them fail to migrate.  It still remains entirely possible you
> are looking in the wrong location.

I'm not using Zimbra if that helps.

I looked in the /etc/openldap directory and all sub-directories.

I'm wondering if the slaptest utility did not convert my tls
statements since I had not yet enabled ldaps in the
/etc/sysconfig/ldap config file.  (Yuck, yet another ldap config file!
Yes I know this is a Fedora conf file.)

> cn=config  cn=config.ldif
> root@zre-ldap004:/opt/zimbra/data/ldap/config# grep -i olctls *
> cn=config.ldif:olcTLSCertificateFile: /opt/zimbra/conf/slapd.crt
> cn=config.ldif:olcTLSCertificateKeyFile: /opt/zimbra/conf/slapd.key
> cn=config.ldif:olcTLSCACertificatePath: /opt/zimbra/conf/ca
> cn=config.ldif:olcTLSCRLCheck: none
> cn=config.ldif:olcTLSVerifyClient: never

I looked in my equivalent.

Anyway, I'm going to continue using the conf file until I get my new
machine in place and then I'll come back to the conversion and follow
your advice to the letter.  I do appreciate it.