Converting old slapd.conf file to cn=config format
From Notes_Wiki
<yambe:breadcrumb self="cn=config format">OpenLDAP</yambe:breadcrumb>
Converting old slapd.conf file to cn=config format
To convert slapd.conf file to new format start slapd once using '-F' option with an empty directory such as:
service slapd stop mv /etc/openldap/slapd.d /etc/openldap/slapd2.d mkdir /etc/openldap/slapd.d chown -R ldap:ldap /etc/openldap/slapd.d chown -R ldap:ldap /var/lib/ldap slapd -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d -h 'ldap:// ldaps://' -u ldap service slapd restart
Later all slapd related commands can be run using '-F /etc/openldap/slapd.d' without requiring '-f /etc/openldap/slapd.conf' option. This also implies that 'service slapd start' command can be used to start slapd as intended.
Debugging issues with converted configuration
If conversion from config file to directory is performed using slaptest instead of slapd, then following changes may be required in converted configuration to make it work:
- Update all TLS related lines. slaptest does not seem to convert TLS lines properly
- Go to subfolder 'cn=config' and delete any unwanted olcDatabase ldif file. For example if there is additional config file for dc=example,dc=com then delete it.
- Go to subfolder 'cn=config/cn=schema' within destination config dir and delete duplicate schema files
To test initially start slapd with '-d 1' for debug info. Example line is:
slapd -F /etc/openldap/slapd.d -u ldap -h 'ldap:// ldaps://'
<yambe:breadcrumb self="cn=config format">OpenLDAP</yambe:breadcrumb>