Importing ldap data throws issue with memberof

Question

I exported my openldap using slapcat -n 1 -l directory.ldif

When I import to my newer openldap using slapadd -n 1 -l directory.ldif I get the following error:

register_at: AttributeType "( 1.2.840.113556.1.2.102 NAME 'memberOf' DESC 'Group that the entry belongs to' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' EQUALITY distinguishedNameMatch USAGE dSAOperation NO-USER-MODIFICATION X-ORIGIN 'iPlanet Delegated Administrator' )": Duplicate attributeType, 1.2.840.113556.1.2.102

It will write the first user in the file, but won't populate any memberOf data. I had issues adding this schema, but when I remove it, it worked as there was no longer a duplicate. How can I fix this?

Thanks.

Edit: In browsing the ldap with JXplorer, I see the following.

I'm not sure if these are both needed, or causing a conflict.

Edit (Delayed due to Covid, sorry!):

I am running openldap 2.6.8_0+overlays

Schema are: core cosine nis inetorgperson passwordselfreset

Answer 1

It would be more helpful with more information about the LDAP server (version, list of schemas which are loaded mannually, etc)

Assuming you are using a recent OpenLDAP version 2.5+ / 2.6+ and that you have manually imported a schema in the cn=schema,cn=config branch

Your problem is probably because the memberOf overlay now loads dynamically the memberOf schema without you needing to do it manually.

You should have in the cn=module{0},cn=config entry an attribute like: olcModuleLoad: memberof.la

This ModuleLoad already takes care of loading the schema to use the memberOf attribute

See. https://github.com/openldap/openldap/blob/d8b5bfddb798147496b888614b7e9b0d811a9869/servers/slapd/overlays/memberof.c#L1752