--On Thursday, March 10, 2022 6:06 PM +0000 Aaron Bennett <[email protected]> wrote:
Hi, I'm moving from a two-node CentOS 7 cluster running essentially the RedHat openldap-servers build (which I rebuild to use OpenSSL, but otherwise, left alone).
The 2.4 cn=config is not necessarily compatible with 2.5. You should dump your current 2.4 config with slapcat -n 0 and then update it accordingly for use with 2.5. Symas has excellent 2.5 and 2.6 packages available at <https://repo.symas.com/soldap/> along with upgrade instructions: <https://repo.symas.com/soldap/upgrading/>
In your specific case, it appears that you've left the ppolicy schema in place in the cn=config db, where it was moved to be internal to the ppolicy overlay module in 2.5 and later.
Regards, Quanah
