On 7/9/25 7:14 PM, Kaya Saman wrote:
On 7/9/25 6:59 PM, Ryan Tandy wrote:
On Wed, Jul 09, 2025 at 10:21:55AM +0100, Kaya Saman wrote:
Has something with the configuration file changed in the meantime,
or based off this line: "ldif_read_file: no entry file
"/usr/local/etc/openldap//cn=config.ldif"" is it something to do
with the slapd.ldif file in the openldap directory?
If need be I can post my slapd.conf file too.... any pointers would
be great or at least if there was somewhere to increase the logging
to say exactly what and where is wrong would be great.
Does your slapd command line include an -f or -F argument?
If I remember correctly, in 2.4 the default if not specified was to
use a traditional config file (slapd.conf(5); -f .../slapd.conf).
In 2.5 (and later), I believe the default is a configuration database
(slapd-config(5) aka cn=config; -F .../slapd.d).
You can use a slapd.conf file with 2.5. You just have to run slapd
with an explicit '-f /usr/local/etc/openldap/slapd.conf'.
The slapd.ldif file is an example of an LDIF file for bootstrapping a
cn=config database (input to slapadd(8)). It is not a usable config
file on its own.
Ok I think I'm starting to get somewhere :-)
I didn't run the command like your example, instead I used -F
/usr/local/etc/openldap
This is what your command gives me:
/usr/local/libexec/slapd -u ldap -g ldap -d 1 -s -1 -f /usr/local/etc/openldap/slapd.conf
686eb0f0.2c8e4201 0x829dda000 @(#) $OpenLDAP: slapd 2.5.20 (Jul 8 2025 21:55:10) $
@ldap.FQDN:/usr/ports/net/openldap25-server/work/openldap-2.5.20/servers/slapd
686eb0f0.2c9d5bf1 0x829dda000 daemon: SLAP_SOCK_INIT: dtblsize=231210
686eb0f0.2ca12125 0x829dda000 daemon_init: listen on ldap:///
686eb0f0.2ca1e096 0x829dda000 daemon_init: 1 listeners to open...
686eb0f0.2ca283da 0x829dda000 ldap_url_parse_ext(ldap:///)
686eb0f0.2ca49d8e 0x829dda000 daemon: listener initialized ldap:///
686eb0f0.2ca53316 0x829dda000 daemon_init: 1 listeners opened
686eb0f0.2ccc5977 0x829dda000 slapd init: initiated server.
686eb0f0.2cd8906a 0x829dda000 slap_sasl_init: initialized!
686eb0f0.2d182a50 0x829dda000 mdb_back_initialize: initialize MDB backend
686eb0f0.2d18fc75 0x829dda000 mdb_back_initialize: LMDB 0.9.33: (May 21, 2024)
686eb0f0.2de722c3 0x829dda000 could not stat config file "/usr/local/etc/openldap/schema/ppolicy.schema": No such file or directory (2)
686eb0f0.2de7f247 0x829dda000 slapd destroy: freeing system resources.
686eb0f0.2defbafd 0x829dda000 slapd stopped.
686eb0f0.2df084a5 0x829dda000 connections_destroy: nothing to destroy.
So now I have to figure out where to get the ppolicy schema file from
as I can't remember if I grabbed it from the @port config or somewhere
else.....
Ok really weird!
locate ppolicy.schema
/usr/local/etc/openldap/schema/ppolicy.schema
/usr/local/etc/openldap/schema/ppolicy.schema.sample
/usr/local/etc/openldap.orig/schema/ppolicy.schema
/usr/local/etc/openldap.orig/schema/ppolicy.schema.sample
the file system thinks I have this file but in actual fact I don't:
pwd
/usr/local/etc/openldap/schema
/usr/local/etc/openldap/schema # ls |grep ppolicy
??
The port has the ppolicy flag set too....
Now I'm getting this:
/usr/local/libexec/slapd -u ldap -g ldap -d 1 -s -1 -f /usr/local/etc/openldap/slapd.conf
686eb537.03115ed2 0x82927a000 @(#) $OpenLDAP: slapd 2.5.20 (Jul 8 2025 21:55:10) $
@ldap.FQDN:/usr/ports/net/openldap25-server/work/openldap-2.5.20/servers/slapd
686eb537.03232de6 0x82927a000 daemon: SLAP_SOCK_INIT: dtblsize=231210
686eb537.03263e8b 0x82927a000 daemon_init: listen on ldap:///
686eb537.03272d23 0x82927a000 daemon_init: 1 listeners to open...
686eb537.0327d433 0x82927a000 ldap_url_parse_ext(ldap:///)
686eb537.0329e320 0x82927a000 daemon: listener initialized ldap:///
686eb537.032a63fc 0x82927a000 daemon_init: 1 listeners opened
686eb537.03513b25 0x82927a000 slapd init: initiated server.
686eb537.035d5513 0x82927a000 slap_sasl_init: initialized!
686eb537.039e623a 0x82927a000 mdb_back_initialize: initialize MDB backend
686eb537.039f2eee 0x82927a000 mdb_back_initialize: LMDB 0.9.33: (May 21, 2024)
686eb537.04bd4257 0x82927a000 register_at: AttributeType "( 1.3.6.1.4.1.42.2.27.8.1.1 NAME ( 'pwdAttribute' ) EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )": Duplicate attributeType, 1.3.6.1.4.1.42.2.27.8.1.1
686eb537.04be1f97 0x82927a000 ppolicy_initialize: register_at failed
686eb537.04c0877b 0x82927a000 slapd destroy: freeing system resources.
686eb537.04c9cc41 0x82927a000 slapd stopped.
686eb537.04ca9c9e 0x82927a000 connections_destroy: nothing to destroy.
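
Added example, not part of the thread: a pre-flight check that a 2.4-era slapd.conf can be run through before starting slapd 2.5 with -f. It reports include files that do not exist (the "could not stat config file" case above) and any include of ppolicy.schema, which collides with the schema the 2.5 ppolicy overlay registers itself (the "Duplicate attributeType" case above). The function name and finding labels are made up here, and quoted include paths are assumed not to occur.

```sh
#!/bin/sh
# Added example, not from the thread. Pre-flight check for a slapd.conf
# that is about to be started under slapd 2.5 with an explicit -f.

# check_slapd_conf FILE: print one finding per line, return 1 if any.
check_slapd_conf() {
    [ -r "$1" ] || { echo "UNREADABLE $1"; return 1; }
    # Directives start in column 0; indented lines are continuations.
    awk '/^include[ \t]/ { print $2 }' "$1" | {
        rc=0
        while IFS= read -r path; do
            # Same condition slapd reports as "could not stat config file".
            [ -e "$path" ] || { echo "MISSING $path"; rc=1; }
            case $path in
                # The 2.5 ppolicy overlay registers this schema itself; the
                # include then fails with "Duplicate attributeType".
                */ppolicy.schema) echo "PPOLICY_SCHEMA $path"; rc=1 ;;
            esac
        done
        [ "$rc" -eq 0 ]
    }
}

# Constructed sample: a 2.4-style config in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/core.schema"
    printf 'include %s/core.schema\ninclude\t%s/ppolicy.schema\n' "$d" "$d" > "$d/slapd.conf"
    printf '# include /nonexistent/commented.schema\nmoduleload ppolicy\n' >> "$d/slapd.conf"
    check_slapd_conf "$d/slapd.conf"
    rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || echo "findings above: fix before running slapd -f"
```

A PPOLICY_SCHEMA finding is reported whether or not the file exists, since restoring the file only trades the stat error for the duplicate-attribute one.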