Everyone: Thanks so much for your insightful replies, they're very much appreciated. A few follow-up notes and questions, that you may be able to help me with:
>> First, I note that 2.1 is historic. However, 2.3 behaves in the >> same manner. See <http://www.openldap.org/faq/index.cgi?file=883> >> for a discussion of this error. I fat fingered that version number, I'm not running 2.1; rather, our system is built upon Debian's 'testing' OpenLDAP version 2.2.26-5. I'd consider building my own package from OpenLDAP 2.3 sources if you think there's significant reason to do so (I haven't yet had the time to look into this myself). > Another option, if you are going to be doing this for every user, > would be to slapcat the database, sed the file to replace > organizationalPerson with inetorgperson, and then reload the > database with slapadd. Quanah, thanks for the idea, I've considered this very thing. My ldap-foo isn't strong yet, and I'm curious as to password persistence across database reloads. If I were to shutdown slapd, dump the db with slapcat, modify the records (is it feasible to leave 'objectmodel: organizationalperson' and add 'objectmodel: inetorgperson'? I would think so), and then reload the modified db, would ldap passwords for each of the users be preserved? Another question in the same vein is: when one slapcat's the db, and reinserts it, is there some kind of manual thing that has to be done to blow away the previous db? Thanks so much for the help, everyone. Regards, John Quigley https://chicagolug.org/~jquigley/
