> On 09/26/13 14:37 +0300, Jukka Tuominen wrote:
>>I'm in the process of changing the domain name of a
>>kerberos/openafs/openldap server on ubuntu 10.04 LTS. ldap provides the
>>user metadata such as homedir location, user and group id, etc. The server
>>itself remains the same as well as the IP number. Actually I cloned it, so
>>I can still access the old, working instance (only one server running at
>>any time, since the IP is the same).
>>
>>I followed instructions telling to
>>
>>1) export the old data...
>>   slapcat -v -l ldap.diff
>>
>>2) replace the old domain instances with the new ones using gedit
>>
>>3) remove the old data
>>   rm -rf /var/lib/ldap/*
>
> Did you recreate this directory?

No. I think the above command removes the contents only, but leaves the
/var/lib/ldap in place? I checked the original installation and it seemed
to contain the same files.

>
>>4) import the updated data back
>>   slapadd -l new-ldap.diff
>>
>>5) and restore dir permissions
>>   chown -R openldap:openldap /var/lib/ldap/*
>>
>>However, whereas the export went seemingly fine,
>>importing and manipulating the new data required to point the specific
>>slapd.conf file. E.g. slapadd or slapindex without -f /etc/ldap/slapd.conf
>>would raise an error:
>>   Available database(s) do not allow [action].
>
> So it does work with -f or doesn't? I'm not clear.

With -f it works.

>
> If you modified the suffix in your new-ldap.diff, did you also modify the
> suffix in your slapd.conf?

Yes I did. And with -f I was pointing the very same file. Weird! I'm not
at all familiar with ldap, so I may be overlooking something very simple.

br,
jukka

>
> --
> Dan White
>
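
Step 2 of the quoted procedure (replacing the old domain in the export), as an added example that is not part of the original thread: slapcat folds long LDIF lines, so a DN can be split in the middle of the suffix and a plain search-and-replace misses it. The suffixes `dc=oldsite,dc=example` and `dc=newsite,dc=example`, the sample entries and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. Suffixes and the sample entries are constructed for illustration.

# Join LDIF continuation lines (a leading single space continues the previous line).
ldif_unfold() {
    awk '
        /^ / { buf = buf substr($0, 2); next }
        NR > 1 { print buf }
        { buf = $0 }
        END { if (NR > 0) print buf }
    '
}

# rewrite_suffix OLD NEW: literal (non-regex) replacement on unfolded LDIF.
rewrite_suffix() {
    ldif_unfold | awk -v old="$1" -v new="$2" '
        {
            out = ""; rest = $0
            while ((i = index(rest, old)) > 0) {
                out = out substr(rest, 1, i - 1) new
                rest = substr(rest, i + length(old))
            }
            print out rest
        }
    '
}

# Count base64-encoded values ("attr:: ..."); these are not rewritten and need manual review.
count_base64_values() {
    ldif_unfold | awk '/^[A-Za-z][A-Za-z0-9;-]*:: / { n++ } END { print n + 0 }'
}

# Constructed export: the first DN is folded in the middle of the suffix.
sample_ldif() {
    cat <<'EOF'
dn: uid=jdoe,ou=People,dc=oldsite,dc=ex
 ample
uid: jdoe
homeDirectory: /home/jdoe

dn: ou=People,dc=oldsite,dc=example
ou: People
description:: Y29uc3RydWN0ZWQ=
EOF
}

sample_ldif | rewrite_suffix 'dc=oldsite,dc=example' 'dc=newsite,dc=example'
```

The suffix entry's own `dc:` attribute value must also match its new RDN, which this replacement does not change. Base64 values (`attr::`) are only counted here, not decoded or rewritten.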
