> -----Original Message-----
> From: Quanah Gibson-Mount <[email protected]>
> Sent: mercredi 20 mai 2020 23:25
> To: Jean-Luc Chandezon <[email protected]>; openldap-
> [email protected]
> Subject: Re: Remove/change replication partner
>
>
>
> --On Wednesday, May 20, 2020 3:33 PM +0000 Jean-Luc Chandezon
> <[email protected]> wrote:
>
> >
> > ldapmodify -Y EXTERNAL -H ldapi:/// -f removeConfigPartner.ldif
> >
> > SASL/EXTERNAL authentication started
> >
> > SASL username:
> gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> >
> > SASL SSF: 0
> >
> > modifying entry "olcDatabase={0}config,cn=config"
>
> Sounds like the "mirrormode" parameter is incorrectly set to FALSE instead of
> TRUE. In any case, there's clearly multiple things wrong with your config DB
> (like the multiple syncprov overlays).
Once again, you're right.
>
> I would suggest you use slapcat to export it to LDIF, fix it to be correct,
> and
> then import the corrected LDIF with slapadd.
>
I followed your advice by removing wrong lines, but I can not import with
simple line :
slapadd -n 0 -l /tmp/config.ldif
I removed these lines in "dn: olcDatabase={0}config,cn=config" and " dn:
olcDatabase={1}mdb,cn=config" :
olcSyncrepl: {0}rid=01 provider=ldap://bea-olp-001. lanexplore.com binddn
="cn=replication,dc=lanexplore,dc=com" bindmethod=simple credentials=
i4Df0rXigrdz8HtYZemJ searchbase="cn=config" type=refreshAndPersist retry="5
5 300 5" timeout=1
olcSyncrepl: {1}rid=02 provider=ldap://cdb-olp-001. lanexplore.com binddn
="cn=replication,dc= lanexplore,dc=com" bindmethod=simple credentials=
i4Df0rXigrdz8HtYZemJ searchbase="cn=config" type=refreshAndPersist retry="5
5 300 5" timeout=1
olcMirrorMode: FALSE
olcSyncrepl: {0}rid=01 provider=ldap://bea-olp-001. lanexplore.com binddn
="cn=replication,dc= lanexplore,dc=com" bindmethod=simple credentials=
i4Df0rXigrdz8HtYZemJ searchbase="dc= lanexplore,dc=com" type=refreshAn
dPersist retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=02 provider=ldap://cdb-olp-001.opticiens-atol.com binddn
="cn=replication,dc= lanexplore,dc=com" bindmethod=simple credentials=
i4Df0rXigrdz8HtYZemJ searchbase="dc= lanexplore,dc=com" type=refreshAn
dPersist retry="5 5 300 5" timeout=1
olcMirrorMode: TRUE
Result: slapadd: could not add entry dn="cn=config" (line=1)
Here are overlays config:
dn: olcOverlay={0}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: 5a27c6c6-675a-1039-8db6-a516a2c70684
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20190909143210Z
entryCSN: 20190909143210.478109Z#000000#001#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20190909143210Z
dn: olcOverlay={1}syncprov,olcDatabase={0}config,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {1}syncprov
structuralObjectClass: olcSyncProvConfig
entryUUID: f6e4c5ce-7d4c-1039-8dc3-a516a2c70684
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20191007125146Z
entryCSN: 20191007125146.068170Z#000000#001#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20191007125146Z
Can I safely remove these parts? May I change the next overlay index? (unique
overlay for example)?
Thanks,
Jean-Luc
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
