Community docs for OpenLDAPServer remove the rootdn from tree

Bug #112663 reported by Geert JM Vanderkelen
Affects: openldap2.3 (Ubuntu)

Bug Description

The following Wiki page (immutable):

has a step saying to remove the existing tree/data using:
  sudo rm -rf /var/lib/ldap/*

However, this is no good as you are also removing the rootdn cn=admin,dc=example,dc=com. This makes it impossible to later start slapd following the steps on that wiki (using feisty).

Two suggestions to fix this:
- put the cn=admin,dc=example,dc=com into the initial LDIF

dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

- or, IMHO better, to not remove the initial tree at all but instead propose to run dpkg-reconfigure slapd. That makes it a bit more timeless as there are various steps in this procedure that might change. It's also more 'standard', so to say. Then use ldap -xLLL to add the initial LDIF but with the -c (don't stop on errors).

Hope this helps.

Geert JM Vanderkelen (geertjmvdk) wrote :

Odd, clicking a bit in the Wiki, and now I can edit it.
I'll try to fix it myself :)

Can be closed.

Changed in openldap2.3:
status: Unconfirmed → Rejected
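
A pre-flight check for the first suggestion in the bug description, as an added example that is not part of the wiki page or the report: before the database directory is wiped, confirm that the initial LDIF carries an entry for the rootdn. It also flags an entry without userPassword, an attribute the simpleSecurityObject class requires. The function name `ldif_check_rootdn`, the temporary file names and the sample LDIF contents are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: names, paths and sample LDIF below are constructed.
# ldif_check_rootdn FILE DN
#   returns 0: FILE has an entry for DN with a userPassword attribute
#   returns 1: no entry for DN (wiping the database would lose the rootdn entry)
#   returns 2: entry for DN is present but has no userPassword
ldif_check_rootdn() {
    awk -v want="$2" '
        # Simplified DN comparison: case-insensitive, spaces around commas
        # ignored. Base64-encoded DNs (dn::) are not decoded and never match.
        function norm(s) { s = tolower(s); gsub(/ *, */, ",", s); return s }
        BEGIN { RS = ""; FS = "\n"; rc = 1; want = norm(want) }
        {
            gsub(/\n /, "")                 # unfold LDIF continuation lines
            dn = ""; pw = 0
            for (i = 1; i <= NF; i++) {
                if (tolower($i) ~ /^dn: */) { dn = $i; sub(/^[^:]*: */, "", dn) }
                else if (tolower($i) ~ /^userpassword:/) pw = 1
            }
            if (norm(dn) == want) { rc = pw ? 0 : 2; exit }
        }
        END { exit rc }
    ' "$1"
}

# Constructed sample LDIF files: tree only, tree plus the admin entry as
# listed in the report, and the same with a placeholder userPassword.
ROOTDN='cn=admin,dc=example,dc=com'
demo=$(mktemp -d)
printf '%s\n' 'dn: dc=example,dc=com' 'objectClass: dcObject' \
    'objectClass: organization' 'o: example' 'dc: example' > "$demo/base.ldif"
{ cat "$demo/base.ldif"; printf '%s\n' '' "dn: $ROOTDN" \
    'objectClass: simpleSecurityObject' 'objectClass: organizationalRole' \
    'cn: admin' 'description: LDAP administrator'; } > "$demo/admin_nopw.ldif"
{ cat "$demo/admin_nopw.ldif"; echo 'userPassword: {SSHA}PLACEHOLDER'; } \
    > "$demo/admin.ldif"

for f in base admin_nopw admin; do
    if ldif_check_rootdn "$demo/$f.ldif" "$ROOTDN"; then rc=0; else rc=$?; fi
    echo "$f.ldif: $rc"
done
```

A wrapper script can run the `rm -rf /var/lib/ldap/*` step only when the check returns 0 for the LDIF that will be loaded afterwards.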