OpenLDAP failure

Craig White craigwhite at azapple.com
Wed Oct 24 18:43:52 MST 2007


On Wed, 2007-10-24 at 10:56 -0700, Nathan Aubrey wrote:
> > # cd /var/lib/ldap/data # where I keep the ldap data
> > # /usr/sbin/slapd_db_recover
> > # /sbin/service ldap start
> >
> > I do run scripts daily that slapcat the entire DSA so if needed, I could
> > simply toss out the current data and reload via slapadd.
> >
> > Craig
> 
> 
> I do a slapcat every day, but I could not import it! It was continually giving 
> me errors about this or that already there, then something else was missing. 
> I don't recall now. I have a ldif backup of the proper order things need to 
> be re-created in and that works fine. I rarely change any information in the 
> ldap so I just maintain the one backup. When I add a user I will create 
> another ldif. I used phpldapadmin to create the ldif I can actually use to 
> restore. Unless I'm doing the slapcat wrong. Though I did realize today I was 
> running ldapadd instead of slapadd. But I don't really care to go back now 
> and see if that makes any difference.... I appreciate all your help.
----
I know that you have this fixed but just for completeness...

slapcat -l /tmp/entire_dump.ldif
/etc/init.d/ldap stop
rm -fr /var/lib/ldap/data/*bdb /var/lib/ldap/data/__db.* /var/lib/ldap/logs/*
# you do use a DB_CONFIG file right?
slapadd -l /tmp/entire_dump.ldif
chown -R ldap:ldap /var/lib/ldap/
/etc/init.d/ldap start

I wouldn't rely upon phpldapadmin for these basic tasks

you have to change the ownership of the files created by slapadd if you
run slapadd as root, otherwise, user ldap won't be able to read them

frequent cron script of slapcat will always save your butt...

Craig
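
A sketch of the kind of cron-driven slapcat script mentioned above, as an added example that is not part of the original message. The backup directory, retention count, script name and the SLAPCAT override variable are assumptions; the dump is written with a restrictive umask because slapcat output includes password hashes.

```shell
#!/bin/sh
# Added example: slapcat backup for cron. Paths and retention are assumptions.
SLAPCAT="${SLAPCAT:-/usr/sbin/slapcat}"  # overridable so the script can be tested
KEEP="${KEEP:-14}"                       # dumps to retain (assumed value)

# ldap_backup DIR: dump the directory to DIR/ldap-<timestamp>.ldif and print
# the path. Runs in a subshell so umask and variables do not leak to the caller.
ldap_backup() (
    dir=$1
    umask 077                            # the dump includes userPassword hashes
    mkdir -p "$dir" || exit 1
    out="$dir/ldap-$(date +%Y%m%d-%H%M%S).ldif"
    tmp="$out.tmp.$$"

    # Write to a temp name first so a failed run never looks like a backup.
    if ! "$SLAPCAT" -l "$tmp"; then
        rm -f "$tmp"
        echo "ldap_backup: slapcat failed" >&2
        exit 1
    fi
    # A dump without a single entry cannot be restored with slapadd.
    if ! grep -q '^dn:' "$tmp"; then
        rm -f "$tmp"
        echo "ldap_backup: dump contains no entries" >&2
        exit 1
    fi
    mv "$tmp" "$out" || exit 1

    # Keep the newest $KEEP dumps; the timestamped names sort chronologically.
    ls -1 "$dir"/ldap-*.ldif | sort -r | tail -n +"$((KEEP + 1))" |
        while IFS= read -r old; do rm -f "$old"; done
    echo "$out"
)

# Run from cron as: backup.sh --run [DIR]   (script name and DIR are assumptions)
if [ "${1:-}" = "--run" ]; then
    ldap_backup "${2:-/var/backups/ldap}"
fi
```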