Reputation: 2317
OpenLdap. Switch to mdb-backend (Memory-Mapped Database)
I`ve installed OpenLdap v.2.4.39 for Debian 7. But during setup I have only 2 option for backend: BDB and HDB.
But I want to use MDB (http://www.openldap.org/doc/admin24/backends.html). AFAIK it is stable. How to choose it as backend?
Thank you!
PS. i can see mentions about hdb in below files:
/etc/ldap/slapd.d# grep -nr hdb *
cn=config/cn=module{0}.ldif:7:olcModuleLoad: {0}back_hdb
cn=config/olcBackend={0}hdb.ldif:3:dn: olcBackend={0}hdb
cn=config/olcBackend={0}hdb.ldif:5:olcBackend: {0}hdb
cn=config/olcDatabase={1}hdb.ldif:3:dn: olcDatabase={1}hdb
cn=config/olcDatabase={1}hdb.ldif:6:olcDatabase: {1}hdb
But I am not sure if I can edit them.
Upvotes: 0
Views: 11210
Answers (2)
Reputation: 71
The module is there, the deconf template is not.
$ ls /usr/lib/ldap/back_mdb*
/usr/lib/ldap/back_mdb-2.4.so.2 /usr/lib/ldap/back_mdb-2.4.so.2.8.3 /usr/lib/ldap/back_mdb.la /usr/lib/ldap/back_mdb.so
To enable, we need to load the module first.
$ cat someEpicLdif.ldif
# we need to load the mdb module first
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulePath: /usr/lib/ldap
olcModuleLoad: back_mdb
# now we configure our mdb backend
dn: olcDatabase=mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: mdb
olcSuffix: dc=ldap_is_bananas,dc=org
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=ldap_is_bananas,dc=org
olcRootPW: changeme
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcMonitoring: TRUE
olcDbEnvFlags: writemap
olcDBNoSync: TRUE
olcAccess: to attrs=userPassword by dn="cn=admin,dc=ldap_is_bananas,dc=org" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=ldap_is_bananas,dc=org" write by * read
Please don't copy and paste man slapd-mdb and man slapd-config for the configuration options and supply your own.
Then add the new backend using ldapadd, if you're using SASL binds...
$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f ldap_is_bananas.ldif
Upvotes: 4
Reputation: 31314
In Debian the MDB backend has been enabled since slapd-2.4.39 which is available since Debian jessie (the code-name for the current testing distro).
assuming, that you are using Debian/stable (aka wheezy), the answer is simple:
your version of slapd has been built without mdb support, so you cannot use it.
if you are using slapd>2.4.39 (which seems to be the case according to your comment), you must configure the backend manually (as there is no debconf template yet that supports MDB).
checkout man slapd-mdb
Upvotes: 1
Related Questions
- Multiple databases with same backend in OpenLDAP
- LDAP server configuration
- Berkeley DB mismatch error while configuring LDAP
- LDAP schema editing on the fly
- OpenLDAP ppolicy
- bdb db open database cannot be opened err 22. restore from backup
- What's wrong with the new added ldap database?
- openldap with lmdb; cannot be opened: No such file or directory
- OpenLDAP passwords extract (mdb)
- LDAP: slapd and openldap