I just got done upgrading the OpenLDAP instance on my Gentoo system from version 2.3.43 to 2.4.19 only to find it non-functional after following the steps outlined in the warning. Well, here is how I fixed it.
When I first attempted the upgrade, I was warned that things could break, and it was suggested that I follow these steps:
 * 1. /etc/init.d/slurpd stop ; /etc/init.d/slapd stop
 * 2. slapcat -l /root/ldapdump.1258652071.raw
 * 3. egrep -v '^entryCSN:' /root/ldapdump.1258652071
 * 4. mv /var/lib/openldap-data/ /var/lib/openldap-data-backup/
 * 5. emerge --update \=net-nds/openldap-2.4.19
 * 6. etc-update, and ensure that you apply the changes
 * 7. slapadd -l /root/ldapdump.1258652071
 * 8. chown ldap:ldap /var/lib/openldap-data/*
 * 9. /etc/init.d/slapd start
 * 10. check that your data is intact.
 * 11. set up the new replication system.
Well, I did this, but at step 9 things went wrong and I ended up with some funky error:
backend_startup: bi_db_open(0) failed!
I ended up trying various things, but after playing with debug options I also noticed the following in the error output:
config_build_attrs: error 21 on olcAttributeTypes value #1
config_build_entry: build "cn={0}webavis" failed: ""
Which led me to OpenLDAP Bug 5755.
In the end it turns out the problem was a schema file with some Latin-1 characters in it. Reading the bug report, it sounded like changing it to UTF-8 might fix my issue.
I ended up tracking it back to the webavis.conf schema file, by running:
cd /etc/openldap/schema
for x in *.schema; do iconv -f iso-8859-1 -t utf-8 "${x}" > "${x}.new"; done
for x in *.schema; do echo "${x}"; diff "${x}" "${x}.new"; done
The differences looked like this:
105c105
< DESC 'Virtual user of mail syst?me'
---
> DESC 'Virtual user of mail système'
I simply overwrote the webavis.conf file with the cleaned-up one and all my woes were gone.
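The same hunt can be done by validating each schema file as UTF-8 instead of diffing converted copies. This is an added example, not part of the original post; the function names (is_utf8, bad_lines, scan_schemas, fix_schema) are hypothetical, and it assumes the stray bytes are ISO-8859-1 as they were here.

```shell
#!/bin/sh
# Added example: find schema files that are not valid UTF-8 and convert them.
# Assumption: the offending bytes are ISO-8859-1 (Latin-1), as on this page.

# Succeeds only if the whole file is valid UTF-8 (plain ASCII counts as valid).
is_utf8() {
    iconv -f UTF-8 -t UTF-8 "$1" >/dev/null 2>&1
}

# Print the line numbers of a file that contain invalid UTF-8 sequences.
bad_lines() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        printf '%s\n' "$line" | iconv -f UTF-8 -t UTF-8 >/dev/null 2>&1 || echo "$n"
    done < "$1"
}

# Print "file:line" for every *.schema file in a directory that fails validation.
scan_schemas() {
    for f in "$1"/*.schema; do
        [ -f "$f" ] || continue
        is_utf8 "$f" && continue
        for l in $(bad_lines "$f"); do echo "$f:$l"; done
    done
}

# Convert one file from Latin-1 to UTF-8, keeping a .latin1 backup beside it.
# Files that already validate are skipped: re-encoding them would double-encode
# any UTF-8 characters they contain. Writing into the existing file preserves
# its owner and mode, which slapd needs in order to read it.
fix_schema() {
    is_utf8 "$1" && return 0
    cp -p "$1" "$1.latin1" || return 1
    iconv -f ISO-8859-1 -t UTF-8 "$1.latin1" > "$1" ||
        { cp -p "$1.latin1" "$1"; return 1; }
}
```

Run as scan_schemas /etc/openldap/schema, then fix_schema on each file it reports.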
Hear Hear for iconv and UTF-8!
@matthias