cy...@stoll.info wrote: > Hi > > For some reason (probably after update to openldap-ltb 2.6.10, or after > reload due to renewed certificate) we lost one organizationalUnit object on > one of our > two provider servers. However there are still two user objects that belong to > this lost organzationalUnit. Therefore openldap created a glue object for the > lost > organizationalUnit. > On the second provider server (setup as multiprovider with the first one) the > organzationalUnit object is still present and all looks like it should. I > have no > idea why one of the providers is still ok and the other is not since they are > otherwise in sync as far as I can tell. > > Unfortunately I did not find clear instructions on how to handle this > situation. The best instructions I found are 15 years old: > http://blog.mycroes.nl/2010/06/recovering-from-glue-objects-in.html > I have no experience with dumping everything with slapcat, deleting the whole > database directory (scary) and importing everything again and it does sound a > bit > brutish. > > So I asked some AI and it suggested to use ldapmodify to replace the glue > object with an ldif like this:
Asking AI is always a mistake. You probably just need to use the manageDSAit control. > > dn: ou=serviceusers,dc=example,dc=com > changetype: modify > add: objectClass > objectClass: organizationalUnit > - > add: ou > ou: serviceusers > > However that did not work as I got the following error message: > > modifying entry "ou=serviceusers,dc=example,dc=com" > ldap_modify: No such object (32) > matched DN: ou=serviceusers,dc=example,dc=com > > So my question is do I have to use the method of dumping everything with > slapcat and then changeing the ldif (rewrite glue to organziationalUnit, > etc.) and > importing it all again? Or is there a more elegant solution to get the > organizationalUnit back? > > Thanks already in advance for every helping suggestion/link/explanation! > > Best regards, > Cyril -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
