invalid DN 21 (Invalid syntax) on Converting slapd.conf OpenLdap

Question

Actually i want to configure ldap as master-slave replication using syncrepl method, On any reference which i found,I'm running on Centos 6 machine and openldap v2.4.23. I following step by step on http://admin.shamot.cz/?p=230#sthash.cKuGZQAu.dpbs Which using configuration from slapd.conf.

But recently on openldap version 2.4 and above, slapd.conf have been change into cn=config.

based on http://www.openldap.org/doc/admin24/slapdconf2.html said that i can converting slapd.conf to cn=config format.

So i try to convert my slapd.conf to cn=config.

So for this purpose i try to make slapd.conf file on server which have role provider like bellow:

database bdb
suffix dc=mydomain,dc=org
rootdn cn=admin,dc=mydomain,dc=org
directory /var/lib/ldap/db
index objectclass,entryCSN,entryUUID eq

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

database config
rootpw mypassword

Then i try to convert that file using slaptest command, but i got error message like bellow :

$ slaptest -f slapd.conf -v
slapd.conf: line 2: <suffix> invalid DN 21 (Invalid syntax)
slaptest: bad configuration file

Actually my suffix is absolutely right, but why always "invalid DN" How to solve this error ?

DavidGamba · Answer 1 · 2013-08-27T21:51:31.790

I had the same problem with too minimal of a file, I added a few extra details and it works

#slapd.conf

#schemas to use
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

#log
pidfile     /var/run/openldap/slapd.pid
argsfile    /var/run/openldap/slapd.args

########################################
#####   dbm database definitions    ####
########################################

database bdb
suffix dc=server,dc=com
rootdn cn=Manager,dc=server,dc=com
rootpw secret

#database directory
directory       /var/lib/ldap

#end

According to this you might only be missing the pidfile location as it changed between versions but you will eventually add the rest anyway.

score 1 · Answer 2 · answered Jul 23 '13 at 05:47

1

You may need quotes around the DNs. Try suffix "dc=mydomain,dc=org", and quote the DN in the following line also.

answered Jul 23 '13 at 05:47

Falcon Momot

25,244
15
63
92

score 1 · Answer 3 · answered Dec 02 '15 at 15:17

1

You need to add

include /etc/ldap/schema/core.schema

at the top of the file.

Possibly also the database module for the db backend you want

moduleload back_bdb

answered Dec 02 '15 at 15:17

mivk

4,004
3
37
32

invalid DN 21 (Invalid syntax) on Converting slapd.conf OpenLdap

3 Answers3