And of course if I had read (and understood) the man page correctly before now, I would have realized I could easily run slapcat with the -F flag like so:
slapcat -F /var/symas/openldap-data/slapd.d/ -n0 ... which works like a charm. Not sure why it's not picking that directory up by default, but problem (mostly) solved. Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, January 5th, 2022 at 10:57 AM, David White <dmwhite...@protonmail.com> wrote: > I'm starting a new thread on a different topic, as my current issue is > veering way off topic from my original thread (c/f > https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/32D2GPXUTLKAXBE5AIQEIEUJJAQLJ5NS/ > and c/f > https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/thread/UDTYKW6AEDR2ALY43V2DQZSL7AVTG5GB/). > > Thanks to Ulrich's suggestion to run slapcat -n0 with debug (-d -1). That did > indeed get me some more information, but I still cannot pinpoint why slapcat > keeps telling me that it "could not open database". > > To recap: I'm currently running the Symas-provided openldap package v2.6, and > my ultimate goal is to build a push-based proxy with syncrepl. But this > thread is about the cn=config database. > > As part of my troubleshooting, I found this quite old thread about the > different ways to start slapd: > https://openldap-technical.openldap.narkive.com/Y1yq9Qd1/can-not-modify-cn-conf-openldap-2-4-15 > > I stopped slapd with: > > systemctl stop slapd > > I then manually started it like so, in order to force it to use the ldif > directory instead of the slapd.conf file: > > /opt/symas/lib/slapd -F /var/symas/openldap-data/slapd.d/ > > This started right up, and I can confirm slapd is running. > > I'm able to run a ldapsearch against: -b "cn=config" like so, where we see > all of the various databases, frontend, and Overlays configured. I have > redacted the password, and changed the domain to "example" in the following > stdout. Given this information, I'm still very confused why slapcat can't > open the cn=config database for its own processing. Any help on this would be > appreciated. > > root@ldap-provider:~# ldapsearch -x -LLL -D cn=config -W -s sub -b > "cn=config" "(olcDatabase=)" '' '+' -v > > ldap_initialize( <DEFAULT> ) > > Enter LDAP Password: > > filter: (olcDatabase=*) > > requesting: * + > > dn: olcDatabase={-1}frontend,cn=config > > objectClass: olcDatabaseConfig > > objectClass: olcFrontendConfig > > olcDatabase: {-1}frontend > > olcAddContentAcl: FALSE > > olcLastMod: TRUE > > olcLastBind: TRUE > > olcLastBindPrecision: 0 > > olcMaxDerefDepth: 0 > > olcReadOnly: FALSE > > olcSchemaDN: cn=Subschema > > olcSyncUseSubentry: FALSE > > olcMonitoring: FALSE > > structuralObjectClass: olcDatabaseConfig > > entryUUID: 047a4d82-01dd-103c-8345-d3830b8ac76f > > creatorsName: cn=config > > createTimestamp: 20220104190525Z > > entryCSN: 20220104190525.214003Z#000000#000#000000 > > modifiersName: cn=config > > modifyTimestamp: 20220104190525Z > > entryDN: olcDatabase={-1}frontend,cn=config > > subschemaSubentry: cn=Subschema > > dn: olcDatabase={0}config,cn=config > > objectClass: olcDatabaseConfig > > olcDatabase: {0}config > > olcAccess: {0}to * by * none > > olcAddContentAcl: TRUE > > olcLastMod: TRUE > > olcLastBind: TRUE > > olcLastBindPrecision: 0 > > olcMaxDerefDepth: 15 > > olcReadOnly: FALSE > > olcRootDN: cn=config > > olcRootPW: secret > > olcSyncUseSubentry: FALSE > > olcMonitoring: FALSE > > structuralObjectClass: olcDatabaseConfig > > entryUUID: 047a4fda-01dd-103c-8346-d3830b8ac76f > > creatorsName: cn=config > > createTimestamp: 20220104190525Z > > entryCSN: 20220104190525.214003Z#000000#000#000000 > > modifiersName: cn=config > > modifyTimestamp: 20220104190525Z > > entryDN: olcDatabase={0}config,cn=config > > subschemaSubentry: cn=Subschema > > dn: olcDatabase={1}mdb,cn=config > > objectClass: olcDatabaseConfig > > objectClass: olcMdbConfig > > olcDatabase: {1}mdb > > olcDbDirectory: /var/symas/openldap-data > > olcSuffix: dc=example,dc=com > > olcAddContentAcl: FALSE > > olcLastMod: TRUE > > olcLastBind: TRUE > > olcLastBindPrecision: 0 > > olcMaxDerefDepth: 15 > > olcReadOnly: FALSE > > olcRootDN: cn=admin,dc=example,dc=com > > olcRootPW: secret > > olcSyncUseSubentry: FALSE > > olcMonitoring: TRUE > > olcDbNoSync: FALSE > > olcDbIndex: objectClass eq > > olcDbIndex: entryUUID eq > > olcDbIndex: entryCSN eq > > olcDbMaxReaders: 0 > > olcDbMaxSize: 10485760 > > olcDbMode: 0600 > > olcDbSearchStack: 16 > > olcDbMaxEntrySize: 0 > > olcDbRtxnSize: 10000 > > structuralObjectClass: olcMdbConfig > > entryUUID: 047a52be-01dd-103c-8347-d3830b8ac76f > > creatorsName: cn=config > > createTimestamp: 20220104190525Z > > entryCSN: 20220104190525.214003Z#000000#000#000000 > > modifiersName: cn=config > > modifyTimestamp: 20220104190525Z > > entryDN: olcDatabase={1}mdb,cn=config > > subschemaSubentry: cn=Subschema > > dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config > > objectClass: olcOverlayConfig > > objectClass: olcSyncProvConfig > > olcOverlay: {0}syncprov > > olcSpCheckpoint: 100 10 > > olcSpSessionlog: 100 > > structuralObjectClass: olcSyncProvConfig > > entryUUID: 047a54da-01dd-103c-8348-d3830b8ac76f > > creatorsName: cn=config > > createTimestamp: 20220104190525Z > > entryCSN: 20220104190525.214003Z#000000#000#000000 > > modifiersName: cn=config > > modifyTimestamp: 20220104190525Z > > entryDN: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config > > subschemaSubentry: cn=Subschema > > Sent with ProtonMail Secure Email. > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On Wednesday, January 5th, 2022 at 9:40 AM, Ulrich Windl > ulrich.wi...@rz.uni-regensburg.de wrote: > > > Hi! > > > I meant: The debug output is useless when you leave out "-n0" (the case that > > > doesn't work for you). > > > > > > David White dmwhite...@protonmail.com schrieb am 05.01.2022 um 15:14 > > > > > in > > > Nachricht > > > qn5VCvnElSb0fkpWltSUlY7hWAU=@protonmail.com>: > > > > That's the thing. > > > > -n0 always returns "unknown database". > > > > Only -n1 returns data. > > > > Thanks for the suggestion, though. :) > > > > Sent with ProtonMail Secure Email. > > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > > > On Wednesday, January 5th, 2022 at 8:11 AM, Ulrich Windl > > > > ulrich.wi...@rz.uni-regensburg.de wrote: > > > > > It seems you missed "-n0" for slapcat.
publickey - dmwhite823@protonmail.com - 0x320CD582.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
