[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Changing domain name

To: openldap-technical@openldap.org
Subject: Re: Changing domain name
From: "Jukka Tuominen" <jukka.tuominen@finndesign.fi>
Date: Sat, 28 Sep 2013 13:10:10 +0300 (EEST)
Importance: Normal
In-reply-to: <aceddacda8141d79921be96de41e7390.squirrel@webmail.neutech.fi>
References: <50b64ce3accc86d859b10c321276d588.squirrel@webmail.neutech.fi> <20130926135427.GD6725@dan.olp.net> <aceddacda8141d79921be96de41e7390.squirrel@webmail.neutech.fi>
User-agent: SquirrelMail/1.4.17

Still not working. A few more things that I've noticed:

- While pointing to slapd.conf file with -f, slapadd and slapadd seem to
work, but starting the daemon similarly with -f doesn't help finding the
actual content (e.g. ldapsearch -x uid=xxx).
- The original, working setup doesn't use the slapd.conf. Disabling the
file in the new system didn't help.
- Running slapadd with -b option (and without -f) returns error:
   slapadd: slap_init no backend for "dc=xxx,dc=xxx"

I also wonder if there are any configurations outside /etc/ that I should
tweak or check the file/dir permissions?

Any help is greatly appreciated
br,jukka

>
>
>> On 09/26/13Â14:37Â+0300, Jukka Tuominen wrote:
>>>I'm in the process of changing the domain name of a
>>>kerberos/openafs/openldap server on ubuntu 10.04 LTS. ldap provides the
>>>user metadata such as homedir location, user and group id, etc. The
>>> server
>>>itself remains the same as well as the IP number. Actually I cloned it,
>>> so
>>>I can still access the old, working instance (only one server running at
>>>any time, since the IP is the same).
>>>
>>>I followed instructions telling to
>>>
>>>1) export the old data...
>>>   slapcat -v -l ldap.diff
>>>
>>>2) replace the old domain instances with the new ones using gedit
>>>
>>>3) remove the old data
>>>   rm -rf /var/lib/ldap/*
>>
>> Did you recreate this directory?
>
> No. I think the above command removes the contents only, but leaves the
> /var/lib/ldap in place? I checked the original installation and it seemed
> to contain the same files.
>
>>
>>>4) import the updated data back
>>>   slapadd -l new-ldap.diff
>>>
>>>5) and restore dir permissions
>>>   chown -R openldap:openldap /var/lib/ldap/*
>>>
>>>However, whereas the export went seemingly fine,
>>>importing and manipulating the new data required to point the specific
>>>slapd.conf file. E.g. slapadd or slapindex without -f
>>> /etc/ldap/slapd.conf
>>>would raise an error:
>>>   Available database(s) do not allow [action].
>>
>> So it does work with -f or doesn't? I'm not clear.
>
> With -f it works.
>
>>
>> If you modified the suffix in your new-ldap.diff, did you also modify
>> the
>> suffix in your slapd.conf?
>
> Yes I did. And with -f I was pointing the very same file. Weird!
> I'm not at all familiar with ldap, so I may be overlooking something very
> simple.
>
> br,jukka
>
>
>>
>> --
>> Dan White
>>
>
>
>

References:
- Changing domain name
  - From: "Jukka Tuominen" <jukka.tuominen@finndesign.fi>
- Re: Changing domain name
  - From: Dan White <dwhite@olp.net>
- Re: Changing domain name
  - From: "Jukka Tuominen" <jukka.tuominen@finndesign.fi>

Prev by Date: Re: Synchronous or asynchronous replication
Next by Date: Re: Re: Slapd permission issues
Index(es):
- Chronological
- Thread