can't find cn=module,cn=config entry

Question

I'm new to openLdap , I am setting up a module for monitoring using on-line configuration (OLC) based on this guide : https://blog.kmp.or.at/monitoring-openldap/.

i use ldapmodify as bellow :

ldapmodify -x -H ldap:/// -D "cn=config"   -W -f module.ldif

result is :

modifying entry "cn=module{0},cn=config"
ldap_modify: No such object (32)

content of module.ldif is :

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: {1}back_monitor

i understand that i can't modify on non-existing entry so i tried to add a new entry for DN = (cn=module,cn=config).

i tried to create new dn using :

dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath:  /etc/openldap/libexec/openldap

but i got this error

ldap_add: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax

Do i really need to create this DN , or it must be created during setup.

Answer 1

This might help others as well,

dn: cn=module,cn=config
cn: module 
objectClass: olcModuleList
olcModulePath: /usr/lib/ldap <Your Module Path>
olcModuleLoad: memberof.la <Youe Module Name>

Above LDIF will create a module under DB Schema if it does not exist. Execute the following command to validate if it's created.

sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config -LLL dn

Answer 2

No, this entry is created during setup.

It seems you missed to setup slapd.d directory for online configuration (OLC) :

slapcat -f /path/to/slapd.conf -F /path/to/slapd.d

Also, choose the appropriate SASL mechanism for authentication :

• Either use EXTERNAL mechanism with ldapi:/// transport (relies on the client process uid and gid via Unix sockets) :

  `ldapmodify -Y EXTERNAL -H ldapi:/// -f module.ldif`
  

• Or LDAP (default) with options -D and -W for binding :

  ` ldapmodify -x -H ldap://example.com -D cn=manager,dc=example,dc=com -W -f module.ldif`