8

I've been walking through this tutorial and kept getting errors -- likely because I was typing it in manually -- so I retried, executing it after entering in

```
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=example,dc=local
olcDbDirectory: /var/lib/ldap
```

It worked, so I typed in the rest and re-executed:

```
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.example.com.ldif
```

and now it says

```
ldap_add: Other (e.g., implementation specific) error (80)
    additional info: <olcSuffix> namingContext "dc=home,dc=local" already served by a preceding hdb database
```

Which, as I would guess, means that it can't complete the ldapadd because one already exists under the same name.

I tried deleting it using (from here):

```
sudo ldapdelete 'dc=example,dc=local'
```

and it's asking for a password, of which my password doesn't work and there was nothing set as the olcRootPW in the initial setup.

How do I use ldapdelete in this context so I can re-setup this database?

user29600

2 Answers

7

Generally the initial setup process for cn=config isn't very easy and there are plenty of ways to shoot yourself in the foot in the process. However, remember that cn=config is stored in LDIF format files in slapd.d (usually in ${prefix}/etc/openldap/) and can be edited by hand (carefully and while slapd isn't running). So if you've locked yourself out (no RootDN/RootPW) or completely mangled your cn=config somehow, you can always fix it there.

A good way to get a basic config going is to actually do it in the old style slapd.conf fashion and then convert it to slapd.d (using slaptest -f -F) once the basic stuff (databases, modules and a RootDN/RootPW) is sorted.

Ingmar Hupp
  • Oh my God I have been avoiding a problem of duplicated `ppolicy` overlays for six months now and you have just ... wow ... thank you!!! – dannyman Nov 26 '18 at 22:35
  • According to [this thread](https://www.openldap.org/lists/openldap-technical/201307/msg00219.html) `cn=config` simply does not support deletions until slapd 2.5 – azmeuk Oct 18 '21 at 18:52
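
The answer above notes that cn=config is stored as LDIF files under slapd.d. As an added example (not part of the original answers and not OpenLDAP's own tooling), this read-only shell audit of a copy of that directory reports the two conditions from this thread: a suffix claimed by more than one database, and a database with no olcRootDN or olcRootPW. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline audit of a slapd.d tree (run on a copy, or while
# slapd is stopped). Assumes one unfolded "attr: value" per line, as slapd
# writes for short values; base64 ("attr:: ...") suffixes are not decoded.
# Usage (path is an assumption, pass your own): duplicate_suffixes ./slapd.d

# Print "file<TAB>suffix<TAB>rootdn<TAB>has-rootpw" for each database entry.
list_databases() {
    for f in "$1"/cn=config/olcDatabase=*.ldif; do
        [ -f "$f" ] || continue
        awk -v file="${f##*/}" '
            function val(line) { sub(/^[^:]*:+ */, "", line); return line }
            BEGIN { suffix = "-"; rootdn = "-"; rootpw = "no" }
            tolower($1) == "olcsuffix:" { suffix = val($0) }
            tolower($1) == "olcrootdn:" { rootdn = val($0) }
            tolower($1) ~ /^olcrootpw::?$/ { rootpw = "yes" }
            END { printf "%s\t%s\t%s\t%s\n", file, suffix, rootdn, rootpw }
        ' "$f"
    done
}

# Suffixes claimed by more than one database: the cause of error 80 above.
duplicate_suffixes() {
    list_databases "$1" | awk -F '\t' '
        $2 != "-" { n[tolower($2)]++ }
        END { for (s in n) if (n[s] > 1) print s }'
}

# Databases that serve a suffix but have no olcRootDN or no olcRootPW.
databases_without_root() {
    list_databases "$1" | awk -F '\t' '
        $2 != "-" && ($3 == "-" || $4 == "no") { print $1 }'
}

# Constructed sample tree (not taken from a real server).
make_sample() {
    mkdir -p "$1/cn=config"
    printf 'dn: olcDatabase={1}hdb\nolcSuffix: dc=example,dc=local\n' \
        > "$1/cn=config/olcDatabase={1}hdb.ldif"
    printf 'dn: olcDatabase={2}hdb\nolcSuffix: dc=example,dc=local\nolcRootDN: cn=admin,dc=example,dc=local\nolcRootPW: {SSHA}constructed\n' \
        > "$1/cn=config/olcDatabase={2}hdb.ldif"
}
```

The functions only read files; any hand edit of slapd.d itself still has to be done with slapd stopped, as the answer says.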
1

Wasn't able to figure out how to delete the database, but I had just started so I purged slapd and ldap-utils.

```
sudo apt-get purge slapd ldap-utils
```

and reinstalled.

user29600
  • 5
    Downvoted because although uninstalling and then reinstalling may work, it is rarely the correct answer. What Ingmar said below is much better advice. – Kevin S Mar 13 '14 at 18:05