[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem with slapadd in migrating LDAP servers

Noted: sorry of intermingling the two commands. It has been a bit frustrating with all of this.

I tried using ldapadd with just "manager" instead but seems all I get are 
ldap_bind: Invalid credentials (49)
Tried using no CN at all, 

Is there a better guide for migrating ldap to a new server that anyone would recommend?

I've been using the Redhat guide but it obviously is lacking a little bit and their support is too. 

With no CN:
# ldapadd -x -D "dc=mydomain,dc=com" -W -f /tmp/nis.ldif.ldapDump
Enter LDAP Password:
ldap_bind: Invalid credentials (49)


Tried with no password, assuming that none has been correctly set:
# ldapadd -x -D "dc=mydomain,dc=com" -W -f /tmp/nis.ldif.ldapDump
Enter LDAP Password:
ldap_bind: Server is unwilling to perform (53)
        additional info: unauthenticated bind (DN with no password) disallowed

Turn of slapd and use slapadd:

# slapadd -l /tmp/nis.ldif.ldapDump
56afc9ed The first database does not allow slapadd; using the first available one (2)
56afc9ed bdb_db_open: warning - no DB_CONFIG file found in directory /var/lib/ldap: (2).
Expect poor performance for suffix "dc=my-domain,dc=com".
slapadd: line 1: database #2 (dc=my-domain,dc=com) not configured to hold "ou=Hosts,dc=company,dc=com"; no database configured for that naming context
_                       0.01% eta   none elapsed            none spd   2.3 M/s
Closing DB...

Surely I am not the first person to try migrating data but searching for good guides on this has not turned up anything that works. 


BTW Quanah, I loved my Zimbra server back in the 3.x days, was wonderful, hated leaving that behind. Not sure how long you've been with them but kudos for your work with that.

Thanks again,
Ken

From: Quanah Gibson-Mount <quanah@zimbra.com>
To: k j <kj37075@yahoo.com>; openldap-technical@openldap.org
Sent: Friday, January 29, 2016 3:35 PM
Subject: Re: problem with slapadd in migrating LDAP servers

--On Friday, January 29, 2016 8:25 PM +0000 k j <kj37075@yahoo.com> wrote:



> ldapadd -x -D "cn=administrator,dc=mydomain,dc=com" -W -f
> nis.ldif.ldapDump


That is ldapadd, not slapadd.

Since you haven't imported your database yet, I'm going to guess the user
doesn't exist in it yet, thus it can't bind.  This is why one would need to
use slapadd with slapd offline instead.

I would note it is highly recommended to avoid the broken RHEL packages of
OpenLDAP.  If you require paid support for your LDAP deployment, you likely
want to contact Symas and use their packages.  If you are fine without paid
support, you may wish to use the packages provided by the LTB project if
you are not comfortable building OpenLDAP on your own.

--Quanah

--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration