Enabling an overlay on an OpenLDAP spare

Question

I have two OpenLDAP server, one master and one slave synchronized with syncprov. I would like to enable the memberof overlay on both. I successfully enabled the overlay on the master server, but I cannot manage to do the same on the replica.

$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// << EOF
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: memberof
-
EOF
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "cn=module{0},cn=config"
ldap_modify: Server is unwilling to perform (53)
    additional info: shadow context; no update referral

Am I doing something wrong here? Should I stop the server and manually edit its configuration?

score 0 · Answer 1 · answered Oct 26 '21 at 20:14

0

I could succeed by stopping the slapd service on the spare, and then manually edit the configuration files at /etc/openldap/slapd.d/cn=config/cn=module{0}.ldif

answered Oct 26 '21 at 20:14

azmeuk

195
1
2
16

Enabling an overlay on an OpenLDAP spare

1 Answers1