When will I learn? I don’t care how many times in the last five years I’ve had to mess with LDAP, I never learn. Why the hell don’t I write shit down when I figure it out? Do I enjoy re-learning the same stupid crap over and over and over? Must be.

Okay here’s the thing. I shall endeavor to remember the following:

  1. When upgrading an LDAP directory service, make sure to dump the data out of the running system before breaking it down.
  2. If I fail to do #1, please oh please dear God have made a backup of it at least. chroot into the old environment, launch the ldap server, slapcat the whole shebang and proceed to step three.
  3. slapadd the slapcat-ed ldif file… NOT ldapadd. ldapadd is suggested in most places as the tool of choice, but slapadd is what I need. Geez, stupid fuckers. Of course who’s the bigger idiot, the fool or the fool who follows him?
  4. Make sure to modify the slapd.conf file to change the default db from ldbm to bdb.
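
The steps above as shell functions, added here as an example and not part of the original post. The suffix dc=example,dc=com, the ldap user and the /var/lib/openldap-data directory are assumptions, and the sample LDIF is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed names: the suffix
# dc=example,dc=com, the "ldap" user and the /var/lib/openldap-data directory.

# Every LDIF entry starts with "dn:" (or base64 "dn::"); folded continuation
# lines start with a space, so they are never counted.
ldif_entry_count() {
    grep -c '^dn:' "$1" || true
}

# Succeed only if the dump exists, is non-empty and holds the suffix entry.
verify_dump() {   # usage: verify_dump FILE SUFFIX
    [ -s "$1" ] || { echo "dump $1 is missing or empty" >&2; return 1; }
    grep -qixF "dn: $2" "$1" || { echo "suffix $2 not in $1" >&2; return 1; }
}

# Steps 1-2: run as root on the old system (or in the chroot) BEFORE upgrading.
dump_directory() {   # usage: dump_directory OUTFILE SUFFIX
    ( umask 077; slapcat -l "$1" ) || return 1   # dump includes userPassword hashes
    verify_dump "$1" "$2"
}

# Step 3: run on the upgraded system with slapd stopped.
reload_directory() {   # usage: reload_directory DUMP SUFFIX
    verify_dump "$1" "$2" || return 1
    slapadd -l "$1" || return 1   # writes the database directly; ldapadd needs a live server
    chown -R ldap:ldap /var/lib/openldap-data   # slapadd as root leaves root-owned files
}

# Constructed sample dump (not real data) for exercising the checks offline.
write_sample_ldif() {
    cat > "$1" <<'EOF'
dn: dc=example,dc=com
objectClass: dcObject
objectClass: organization
o: Example
dc: example

dn: uid=alice,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
uid: alice
cn: Alice
sn: Example
description: a long value that slapcat folds onto
 dn: this continuation line must not be counted
# constructed placeholder below, not a real password hash
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=

EOF
}
```

Comparing ldif_entry_count on the dump with the entry count of a fresh slapcat after the reload shows whether anything was dropped on the way.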

Pretty damn simple, eh? Not so simple when I’ve forgotten more of this LDAP shit than any sane person would care to remember.

While I’m at it, please oh please, remember for the next time about the dbmmanage httpd password files. You’ve got to export the old entries, and then import them: dbmmanage2 users import < old-data, modify the .htaccess files and be done with it.

Oh and a neat trick for reliably dumping an entire PostgreSQL database for an upgrade:

pg_dumpall > backup.sql

Stop PostgreSQL, upgrade it, wipe the data directory, run initdb as user postgres and then psql -f backup.sql template1.

Flawless. At least that part went well. The cursing was fun though.