Download abook.ldif.
execute:
ldapadd -x -W -D 'cn=Manager,dc=fechner,dc=net' -f abook.ldif
to create the initial tree.
ldapsearch -LLL -x -D "cn=Manager,dc=fechner,dc=net" -W -u
First make a backup of your data:
slapcat >backup-openldap-20060709.ldif tar cvfj backup_openldap.tar.bz2 /var/db/openldap-* /usr/local/etc/openldap
Upgrade the server and the client to the new version. Now delete the old database:
find -type f /var/db/openldap-* -delete -print
Restore the old database:
slapadd -l backup-openldap-20060709.ldif
Start openldap with:
/usr/local/etc/rc.d/slapd start
If you get the following warning message it's recommended that you add an index to your ldap database:
Sep 18 10:28:29 server slapd[[40569]]: <= bdb_equality_candidates: (givenName) index_param failed (18)
To do this edit the file /usr/local/etc/openldap/slapd.conf and add:
index givenName pres,sub,eq
Now stop the ldap server, create the index and start the ldap server:
/usr/local/etc/rc.d/slapd stop slapindex /usr/local/etc/rc.d/slapd start
If you get the warning:
Sep 18 10:36:10 server slapd[[43302]]: bdb_db_open: Warning - No DB_CONFIG file found in directory /var/db/openldap-data: (2) Expect poor performance for suffix dc=fechner,dc=net.
it is necessary to tune your database. To do this create the file DB_CONFIG in /var/db/openldap-data with:
- one 4 MB cache set_cachesize 0 4194304 1 - Data Directory - set_data_dir db - Transaction Log settings set_lg_regionmax 262144 set_lg_bsize 2097152 - set_lg_dir logs
Adapt the cache size to your needs. You can check the values with:
db_stat-4.2 -m
Create certificate if not allready exist:
openssl req -new -x509 -nodes -out slapd.pem -keyout lsapd.key -days 365
Activate in /etc/rc.conf with:
ldaps:<nowiki>//</nowiki>0.0.0.0/ TLSCertificateFile /usr/share/ssl/certs/slapd.pem TLSCertificateKeyFile /usr/share/ssl/certs/slapd.key TLSCACertificateFile /usr/share/ssl/certs/slapd.pem
Check if all is ok:
openssl s_client -connect localhost:636 -showcerts
cd /var/db/openldap-data db_recover-4.6 /usr/local/etc/rc.d/slapd restart