Re: Why built-in schemas are a bad idea

[Quanah Gibson-Mount <quanah@symas.com>]

--On Wednesday, November 07, 2018 11:05 AM +0100 Ulrich Windl 
<Ulrich.Windl@rz.uni-regensburg.de> wrote:

> Hi!
>
> I had reported about trouble when upgrading the openldap from SLES11 SP4
> to that from SLES12 SP3. Besides the version jump, SUSE also removed some
> modules that had been static in SLES11, so that they need to be loaded
> dynamically now. Besides that, the bdb version was updated as well, and
> some other minor things.

The OpenLDAP project has long recommended against using distribution 
provided builds for a variety of reasons.  You've just excellent summarized 
another reason why they should be avoided -- You have no control over 
whether or not they will change how they build the software and thus 
utterly destroy a working deployment.

What you will have to do:

a) Use slapcat with the older SLES build to export your cn=config database
b) Update the resulting LDIF so that it works correctly with the new SLES 
build
c) Import it with the new SLES slapd

None of this is a problem with OpenLDAP.  Everything about this is a 
problem with SLES.

Regards,
Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>