Hi Ulrich,

No.  It was that I was tired and neglected to include the "-Y EXTERNAL"
flag on my search.

And now there are more problems.  Slapcat of cn=config indicated that the
ppolicy module was not loaded while ldapsearch indicated that it was.  I
applied the ppolicy overlay as follows:

dn: olcOverlay=ppolicy,olcDatabase={2}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverLay: ppolicy
olcPPolicyDefault: cn=default,ou=policies,dc=mydomain,dc=com

and now, slapcat -n 0 returns the following:

5ede54b5 UNKNOWN attributeDescription "OLCPPOLICYDEFAULT" inserted.
5ede54b5 config error processing
olcOverlay={1}ppolicy,olcDatabase={2}hdb,cn=config:
slapcat: bad configuration file!

I assume this is because there is no olcModuleLoad attribute in the ldif
for ppolicy.  Would it be appropriate to remove the
olcOverlay={1}ppolicy,olcDatabase={2}hdb.ldif file, since by my
understanding ldapdelete does not work against cn=config?

John Alexander

On Sun, Jun 7, 2020 at 10:57 PM Ulrich Windl <
[email protected]> wrote:

> >>> "John Alexander" <[email protected]> wrote on 06.06.2020
> at 18:45
> in message
>
> <17901_1591478669_5EDC098C_17901_24_1_20200606164545.849.61910@hypatia.openldap.
> rg>:
> > Hi Howard,
> >
> > Well, that is interesting.
> >
> > [root@ldap3 ~]# ldapsearch -x -b cn=module{0},cn=config -H ldapi:///
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <cn=module{0},cn=config> with scope subtree
> > # filter: (objectclass=*)
> > # requesting: ALL
> > #
> >
> > # search result
> > search: 2
> > result: 32 No such object
>
> Could it be that your user is not allowed to search/list that object?
>
> >
> > Would this indicate that LDAP does not think that there are any modules
> > loaded?  slapcat -n 0 | grep olcModuleLoad  shows
> > olcModuleLoad: {0}back_bdb
> > olcModuleLoad: {1}syncprov
> >
> > I'm out of my depth on path forward now.
> >
> > John Alexander
>
>
>
>
>

-- 
John Alexander
Systems Administrator
E: [email protected]
Concentric Sky, Inc
https://www.concentricsky.com
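
Added example, not part of the original message or of OpenLDAP: a pre-flight check for the assumption raised above, listing overlays configured in cn=config that have no matching olcModuleLoad value. The sample LDIF is constructed from the values quoted in this thread, and the function names are hypothetical.

```python
import os
import re

# Constructed sample shaped like `slapcat -n 0` output (values taken from the thread).
SAMPLE_CONFIG_LDIF = """\
dn: cn=module{0},cn=config
objectClass: olcModuleList
olcModuleLoad: {0}back_bdb
olcModuleLoad: {1}syncprov

dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config
objectClass: olcOverlayConfig
olcOverlay: {0}syncprov

dn: olcOverlay={1}ppolicy,olcDatabase={2}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
olcOverlay: {1}ppolicy
olcPPolicyDefault: cn=default,ou=policies,dc=mydomain,dc=com
"""

def parse_entries(ldif):
    """Split LDIF text into entries: [{lowercased attribute: [values]}]."""
    unfolded = re.sub(r"\n ", "", ldif)  # continuation lines start with one space
    entries = []
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            # base64 ("attr:: ...") values are not decoded; not needed for these attributes
            attr, _, value = line.partition(":")
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def short_name(value):
    """'{1}ppolicy', '{2}ppolicy.la' or '/path/ppolicy.so' -> 'ppolicy'."""
    value = re.sub(r"^\{-?\d+\}", "", value)  # drop the {n} ordering prefix
    return os.path.basename(value).split(".")[0].lower()

def overlays_without_module(ldif):
    """Return (dn, overlay) pairs whose overlay name has no olcModuleLoad value."""
    entries = parse_entries(ldif)
    loaded = {short_name(v) for e in entries for v in e.get("olcmoduleload", [])}
    return [(e["dn"][0], short_name(v)) for e in entries
            for v in e.get("olcoverlay", []) if short_name(v) not in loaded]
```

A hit is a lead rather than proof: an overlay compiled statically into slapd needs no olcModuleLoad value, so confirm how the local build ships ppolicy before acting on the result.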
