Community docs for OpenLDAPServer remove the rootdn from tree

Bug #112663 reported by Geert JM Vanderkelen
Affects: openldap2.3 (Ubuntu)
Status: Invalid
Importance: Undecided
Assigned to: Unassigned

Bug Description

The following Wiki page (immutable):
  https://help.ubuntu.com/community/OpenLDAPServer

has a step saying to remove the existing tree/data using:
  sudo rm -rf /var/lib/ldap/*

However, this is no good as you are also removing the rootdn cn=admin,dc=example,dc=com. This makes it impossible to later start the slapd following the steps on that wiki (using feisty).

Two suggestions to fix this:
- put the cn=admin,dc=example,dc=com into the initial LDIF

dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator

- or, IMHO better, to not remove the initial tree at all but instead propose to run dpkg-reconfigure slapd. That makes it a bit more timeless as there are various steps in this procedure that might change. It's also more 'standard', so to say. Then use ldap -xLLL to add the initial LDIF but with the -c (don't stop on errors).

Hope this helps.
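
A pre-flight check for the first suggestion above, as an added example that is not part of the original report or the wiki page: before running the wipe step, confirm that the LDIF to be loaded afterwards defines the rootdn entry. The function names `ldif_dns` and `ldif_has_dn` and the sample LDIF files are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check before wiping /var/lib/ldap and reloading.
# Function names are hypothetical; the rootdn is the one from the report.

# Print every DN in an LDIF file, one per line, lower-cased.
# Unfolds LDIF continuation lines (they start with a single space).
ldif_dns() {
    awk '
        function flush(   v) {
            if (tolower(cur) ~ /^dn:[^:]/) {
                v = cur
                sub(/^[^:]*:[ ]*/, "", v)     # strip the "dn:" prefix
                gsub(/[ ]*,[ ]*/, ",", v)     # "a, b" and "a,b" compare equal
                print tolower(v)
            }
            cur = ""
        }
        /^ / { cur = cur substr($0, 2); next }
        { flush(); cur = $0 }
        END { flush() }
    ' "$1"
}

# Succeed only if the LDIF defines an entry with DN $2 (case-insensitive).
ldif_has_dn() {
    want=$(printf '%s' "$2" | tr 'A-Z' 'a-z' | sed 's/ *, */,/g')
    ldif_dns "$1" | grep -Fxq -- "$want"
}

# Constructed sample: an initial LDIF that omits the admin entry, then the
# same file with the admin entry appended (its DN folded across two lines).
demo_dir=$(mktemp -d)
cat > "$demo_dir/missing.ldif" <<'EOF'
dn: dc=example,dc=com
objectClass: dcObject
objectClass: organizationalUnit
dc: example
ou: Example Dot Com
EOF
{ cat "$demo_dir/missing.ldif"; printf '%s\n' '' 'dn: cn=admin,dc=exam' \
    ' ple,dc=com' 'objectClass: simpleSecurityObject' \
    'objectClass: organizationalRole' 'cn: admin'; } > "$demo_dir/complete.ldif"
for f in missing complete; do
    if ldif_has_dn "$demo_dir/$f.ldif" 'cn=admin,dc=example,dc=com'; then
        echo "$f.ldif: rootdn entry present, reload will restore it"
    else
        echo "$f.ldif: rootdn entry MISSING, do not wipe /var/lib/ldap yet"
    fi
done
```

Base64-encoded DNs (`dn::`) are skipped by this check, so an LDIF that uses them has to be verified by other means.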

Geert JM Vanderkelen (geertjmvdk) wrote :

Odd, clicking a bit in the Wiki, and now I can edit it.
I'll try to fix it myself :)

Can be closed.

Changed in openldap2.3:
status: Unconfirmed → Rejected