Difference between revisions of "Converting old slapd.conf file to cn=config format"
From Notes_Wiki
(Created page with "=Converting old slapd.conf file to cn=config format= To convert slapd.conf file to new format start slapd once using '<tt>-F</tt>' option with an empty directory such as: <pr...") |
m |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[LDAP servers]] > [[OpenLDAP]] > [[Converting old slapd.conf file to cn=config format|cn=config format]] | |||
=Converting configuration= | |||
To convert slapd.conf file to new format start slapd once | To convert slapd.conf file to new format start slapd once | ||
using '<tt>-F</tt>' option with an empty directory such as: | using '<tt>-F</tt>' option with an empty directory such as: | ||
<pre> | <pre> | ||
service slapd stop | |||
mv /etc/openldap/slapd.d /etc/openldap/slapd2.d | mv /etc/openldap/slapd.d /etc/openldap/slapd2.d | ||
mkdir /etc/openldap/slapd.d | mkdir /etc/openldap/slapd.d | ||
chown -R ldap:ldap /etc/openldap/slapd.d | chown -R ldap:ldap /etc/openldap/slapd.d | ||
chown -R ldap:ldap /var/lib/ldap | |||
slapd -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d -h 'ldap:// ldaps://' -u ldap | slapd -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d -h 'ldap:// ldaps://' -u ldap | ||
service slapd restart | |||
</pre> | </pre> | ||
Line 17: | Line 21: | ||
=Debugging issues with converted configuration= | |||
If conversion from config file to directory is performed | If conversion from config file to directory is performed | ||
Line 31: | Line 35: | ||
slapd -F /etc/openldap/slapd.d -u ldap -h 'ldap:// ldaps://' | slapd -F /etc/openldap/slapd.d -u ldap -h 'ldap:// ldaps://' | ||
</pre> | </pre> | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[LDAP servers]] > [[OpenLDAP]] > [[Converting old slapd.conf file to cn=config format|cn=config format]] |
Latest revision as of 15:13, 13 March 2022
Home > CentOS > CentOS 6.x > LDAP servers > OpenLDAP > cn=config format
Converting configuration
To convert slapd.conf file to new format start slapd once using '-F' option with an empty directory such as:
service slapd stop mv /etc/openldap/slapd.d /etc/openldap/slapd2.d mkdir /etc/openldap/slapd.d chown -R ldap:ldap /etc/openldap/slapd.d chown -R ldap:ldap /var/lib/ldap slapd -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d -h 'ldap:// ldaps://' -u ldap service slapd restart
Later all slapd related commands can be run using '-F /etc/openldap/slapd.d' without requiring '-f /etc/openldap/slapd.conf' option. This also implies that 'service slapd start' command can be used to start slapd as intended.
Debugging issues with converted configuration
If conversion from config file to directory is performed using slaptest instead of slapd, then following changes may be required in converted configuration to make it work:
- Update all TLS related lines. slaptest does not seem to convert TLS lines properly
- Go to subfolder 'cn=config' and delete any unwanted olcDatabase ldif file. For example if there is additional config file for dc=example,dc=com then delete it.
- Go to subfolder 'cn=config/cn=schema' within destination config dir and delete duplicate schema files
To test initially start slapd with '-d 1' for debug info. Example line is:
slapd -F /etc/openldap/slapd.d -u ldap -h 'ldap:// ldaps://'
Home > CentOS > CentOS 6.x > LDAP servers > OpenLDAP > cn=config format