0

New to OpenLDAP (2.4.40). I am getting this error when running:

ldapmodify -a -x -H "ldaps://localhost:636" -D "cn=Manager,dc=test,dc=mydomain,dc=com" -W -f  olcsyncrepl.ldif

Error:

ldapmodify: invalid format (line 4) entry: “olcDatabase={2},cn=config”

This is the ldif file:

dn: olcDatabase={2}bdb,cn=config
olcSyncrepl: {0}rid=123
    provider=ldaps://sso.provider.com
    binddn="cn=Manager,dc=test,dc=mydomain,dc=com"
    bindmethod=simple
    credentials=mypassword
    searchbase="dc=test,dc=mydomain,dc=com"
    attrs="cn,sn,displayName,givenName,mail,uid"
    type=refreshAndPersist
    retry="10 6 60 +"

I am not sure what the problem is. Any help is appreciated.

user207421
Victor
  • Indented code. Copied error message from title to body. – phd Oct 27 '17 at 22:54
  • That's not it; it's probably the way I pasted it to the question. The ldif file has all the lines to the left, no indentation. It's weird, I read somewhere else to put the olcSyncrepl code in one line, and I actually got a different error after doing that. – Victor Oct 28 '17 at 03:28
  • The new error is 'ldap_add: Object class violation (65) additional info: no objectClass attribute' I added objectClass: olcDatabaseConfig, then it asked me for the rootDN, BaseDN. Now I am getting this other error: ldap_add: Other (e.g., implementation specific) error (80) additional info: failed startup. It's getting exhausting. I might just delete the entire slapd.d directory, make the changes to the slapd.conf, and let the application convert it to cn=config – Victor Oct 28 '17 at 03:42

2 Answers

0

Get rid of the {0} and {2}. OpenLDAP will put in the sequence numbers.

user207421
  • Hello, thanks for responding. What would the first line look like without the {2}? I've seen samples of olcSyncrepl without the { }, but I haven't seen one of the olcDatabase without the { }. – Victor Oct 28 '17 at 03:18
-1

I ended up adding the Syncrepl to the slapd.conf file, then re-converted it to cn=config, and it went through just fine. After making a few other changes, replication is finally working.

Victor
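An added example, not part of the original posts: a check of RFC 2849 line folding run over the question's LDIF, once with every line flush left (as the asker's comment describes the file) and once with the olcSyncrepl parameters folded. The function names are hypothetical, and the check assumes a parser that only requires a ':' somewhere on each unfolded line, which is a simplification of what ldapmodify does.

```python
# Constructed sample input: the olcSyncrepl parameters from the question.
DN = "dn: olcDatabase={2}bdb,cn=config"
FIRST = "olcSyncrepl: {0}rid=123"
PARAMS = [
    "provider=ldaps://sso.provider.com",
    'binddn="cn=Manager,dc=test,dc=mydomain,dc=com"',
    "bindmethod=simple",
    "credentials=mypassword",
    'searchbase="dc=test,dc=mydomain,dc=com"',
    'attrs="cn,sn,displayName,givenName,mail,uid"',
    "type=refreshAndPersist",
    'retry="10 6 60 +"',
]
# Every line flush left, as the asker says the real file was written.
FLAT = "\n".join([DN, FIRST] + PARAMS)
# Two leading spaces: the first marks the fold and is dropped on unfolding,
# the second survives as the separator between key=value pairs.
FOLDED = "\n".join([DN, FIRST] + ["  " + p for p in PARAMS])


def unfold(text):
    """Join RFC 2849 continuation lines; return [(first_line_no, logical_line)]."""
    logical, open_line = [], False
    for num, raw in enumerate(text.splitlines(), start=1):
        if raw.startswith(" ") and open_line:
            first, joined = logical[-1]
            logical[-1] = (first, joined + raw[1:])  # drop exactly one space
        elif raw == "" or raw.startswith("#"):
            open_line = False  # record separator or comment ends the fold
        else:
            logical.append((num, raw))
            open_line = True
    return logical


def lines_missing_separator(text):
    """Line numbers of unfolded lines that have no 'attr:' separator at all."""
    return [num for num, line in unfold(text) if ":" not in line]


if __name__ == "__main__":
    # Line 3 slips through only because "ldaps://" contains a colon.
    print("flat:  ", lines_missing_separator(FLAT))
    print("folded:", lines_missing_separator(FOLDED))
    print(unfold(FOLDED)[1][1])
```

In the flush-left form the first line flagged is line 4, the same line number as in the reported error; the folded form unfolds to two logical lines, the dn and a single olcSyncrepl value.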