首页  :: 新随笔  :: 联系 :: 订阅 订阅  :: 管理

Resolve the error of slapd at ubuntu 8.04 LTS upgrading to 10.04

Posted on 2011-02-24 23:02  昕旸灿烂  阅读(242)  评论(0)    收藏  举报

ubuntu 8.04 LTS 升级到 10.04,一直好好的,但是在升级openldap时,出现了问题。解决问题的过程不说了,记下来几行命令吧:

  • cp /var/backups/slapd-2.4.9-0ubuntu0.8.04.4/* /root
  • apt-get purge slapd
  • do-release-upgrade
  • apt-get update
  • apt-get upgrade
  • apt-get install slapd
  • 初始化slapd.d
    • ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
    • ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
    • ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
  • 生成根
    • slappasswd
    • vi backend.sample.com.ldif

# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=example,dc=com
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: slappasswd's value #for example:{SSHA}0KfH3l8KwibzizCE30yN5PmAPweMtkBw
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=example,dc=com" write by * read 

  •  
    • ldapadd -Y EXTERNAL -H ldapi:/// -f backend.example.com.ldif
  • 删除不能导入的属性
    • cp /root/*.ldif frontend.example.com.ldif
    • sed -i "/structuralObjectClass/d" frontend.example.com.ldif
    • sed -i "/entryUUID/d" frontend.example.com.ldif
    • sed -i "/creatorsName/d" frontend.example.com.ldif
    • sed -i "/createTimestamp/d" frontend.example.com.ldif
    • sed -i "/entryCSN/d" frontend.example.com.ldif
    • sed -i "/modifyTimestamp/d" frontend.example.com.ldif
    • sed -i "/modifiersName/d" frontend.example.com.ldif
  • 导入之前的数据
    • ldapadd -x -D cn=admin,dc=example,dc=com -W -f frontend.example.com.ldif
  • 看看效果:
    • ldapsearch -xLLL -b "dc=example,dc=com" uid=john

参考文献: