Thank you, adding attributes directly to cn=schema,cn=config was my problem! No
more schema issues now.
For posterity, and in case I managed to klutz something else, ahem:
----------
dn: cn=postfix,cn=schema,cn=config
changetype: add
cn: postfix
objectClass: olcSchemaConfig
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.200 NAME 'mailacceptinggeneralid'
DESC 'Postfix mail local address alias attribute' EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.201 NAME 'maildrop' DESC 'Postfix
mail final destination attribute' EQUALITY caseIgnoreMatch SUBSTR
caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
olcObjectClasses: ( 1.3.6.1.4.1.4203.666.1.100 NAME 'postfixUser' DESC 'Postfix
mail user class' SUP top AUXILIARY MAY ( mailacceptinggeneralid $ maildrop ))
----------
That did three things for me:
a) schema errors on slapcat/slapschema stopped
b) postfix attributes no longer available from cn=schema,cn=config via
ldapsearch
c) fixed other slapd after replication
I had a look under the hood and the attributes still exist in
cn=schema,cn=config. Removing a specific attribute is being a bit recalcitrant
("olcObjectClasses: no such value"), I will figure that out later. The
attributes under cn=schema,cn=config are at least defanged.
Very much appreciate it!
