>Thanks Alex for replying,
OK, a days work has led me to discover that while apt-get purge --auto-remove slapd ldap-utils does not actually purge slapd or ldap-utils, but appears to uninstall them and purge all their dependencies. I think this was behind my larger issues with openldap, apt-get purge slapd ldap-utils fixed that for me. I am now circling back around to my original problem.
to clarify, there are 2 servers.
DC Server - AD set up, internal users and groups and policy etc. All working fine.
ubuntu server - OpenLDAP set up, external users usernames and passwords. we need our various web apps to point to this for authentication and return users from either of the DSA's
backend of openLDAP currently set up like this (basically straight from a tutorial) -
# Load dynamic backend modules
# Database settings
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=companyname,dc=local" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=companyname,dc=local" write by * read
I am trying to get the proxy set up at dc=AD,dc=companyname,dc=local.
so far my slapd.conf is -
# AD server proxy
however on running slaptest I get
slapd.conf: line 4: <suffix> invalid DN 21 (Invalid syntax)
slaptest: bad configuration directory!
I tried suffix with and without the "s to no avail.
A side question which neither man slaptest nor google has answered for me thusfar, will slaptest add the configuration to slapd.d or overwrite it?
I do totally get that I am basically asking someone to do my job for me here, which is not a habit I like to cultivate but I would be eternally grateful if anyone could just point me in the right direction. I have done enough tech support to be frustrated to be on this side of the RTFM coin but I assure you I have trawled man pages, tutorials and forums before I came here.