On Tue, Mar 15, 2005 at 01:36:17AM +0100, Torsten Landschoff wrote: > As you might have noticed or not we are working on getting OpenLDAP 2.2 > into unstable. The packages are mostly working fine (as available in > experimental) but what is missing is a really tested upgrade path from > OpenLDAP 2.0 (in stable) and 2.1 (in testing, unstable). Ambitious target! I upgraded my employer's LDAP servers from 2.1 to 2.2 last week. They are running on Debian machines, but not using the Debian packages. Here are some points which you might find useful: * Fix/check the DB_CONFIG file if you're using BDB. Having a suboptimal DB_CONFIG will really really slow down the slapadd. * There are syntax changes in slapd.conf, e.g. group.regex becomes group.expand, and there are new facilities which are potentially desirable to add, e.g. checkpoints. Also ACL parsing is stricter. * Strip out the entryCSN attributes from the ldif file and let slapadd recreate them in the 2.2 format. That's necessary for using syncrepl in the future and it might as well be done while you're tearing the database to pieces. * The monitor back-end behaves a little differently in 2.2 to previous versions, so monitoring scripts need tweaking to continue to work. All in all, it's not a difficult upgrade, but there a lot of little things to get right. Dave
Attachment:
pgp40WzuAITVq.pgp
Description: PGP signature