Update for OpenLDAP 2.5

OpenLDAP 2.5 switches from HDB to MDB. Update schema to match. Signed-off-by: Timothy Pearson <kb9vqf@pearsoncomputing.net>
author: Timothy Pearson <kb9vqf@pearsoncomputing.net> 2025-09-29 22:38:23 -0500
committer: Timothy Pearson <kb9vqf@pearsoncomputing.net> 2025-10-05 14:48:40 -0500
commit: 0d53fc4ef4c7cf3e81058dbfec7c2804926745d8 (patch)
tree: 9f9bbdf6b22b37cb12265dbefa4f1f833d9c64dc /confskel
parent: 132d640313f7efd26b6df6424446e1af9d4f54aa (diff)
download: kcmldapcontroller-0d53fc4ef4c7cf3e81058dbfec7c2804926745d8.tar.gz
kcmldapcontroller-0d53fc4ef4c7cf3e81058dbfec7c2804926745d8.zip
5 files changed, 11 insertions, 21 deletions
diff --git a/confskel/openldap/ldap/slapd.conf b/confskel/openldap/ldap/slapd.conf
index 9263350..8b40013 100644
--- a/confskel/openldap/ldap/slapd.conf
+++ b/confskel/openldap/ldap/slapd.conf
@@ -21,7 +21,7 @@ allow bind_v2
 loglevel 256
 
 modulepath /usr/lib/ldap
-moduleload back_hdb
+moduleload back_mdb
 moduleload syncprov
 moduleload back_monitor
 moduleload auditlog
@@ -32,14 +32,14 @@ moduleload ppolicy
 sizelimit 500
 tool-threads 1
 
-backend hdb
+backend mdb
 
 database monitor
 database config
 rootdn cn=config
 rootpw {SHA}@@@ROOTPW_SHA@@@
 
-database hdb
+database mdb
 overlay syncprov
 overlay auditlog
 overlay smbk5pwd
diff --git a/confskel/openldap/ldif/hdb.ldif b/confskel/openldap/ldif/hdb.ldif
index 6ee8842..316a33b 100644
--- a/confskel/openldap/ldif/hdb.ldif
+++ b/confskel/openldap/ldif/hdb.ldif
@@ -1,6 +1,6 @@
-dn: cn={@@@LDIFSCHEMANUMBER@@@}hdb
+dn: cn={@@@LDIFSCHEMANUMBER@@@}mdb
 objectClass: olcSchemaConfig
-cn: {@@@LDIFSCHEMANUMBER@@@}hdb
+cn: {@@@LDIFSCHEMANUMBER@@@}mdb
 olcAttributeTypes: {0}( 1.3.6.1.4.1.5322.10.1.1 NAME 'krb5PrincipalName' DESC 
  'The unparsed Kerberos principal name' EQUALITY caseExactIA5Match SYNTAX 1.3.
  6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
diff --git a/confskel/openldap/ldif/moduleConfig.ldif b/confskel/openldap/ldif/moduleConfig.ldif
index 1e65f27..d125f9d 100644
--- a/confskel/openldap/ldif/moduleConfig.ldif
+++ b/confskel/openldap/ldif/moduleConfig.ldif
@@ -2,7 +2,7 @@ dn: cn=module{0}
 objectClass: olcModuleList
 cn: module{0}
 olcModulePath: /usr/lib/ldap
-olcModuleLoad: {0}back_hdb
+olcModuleLoad: {0}back_mdb
 olcModuleLoad: {1}syncprov
 olcModuleLoad: {2}back_monitor
 olcModuleLoad: {3}auditlog
diff --git a/confskel/openldap/ldif/olcDatabase.ldif b/confskel/openldap/ldif/olcDatabase.ldif
index 29b107d..7baacc5 100644
--- a/confskel/openldap/ldif/olcDatabase.ldif
+++ b/confskel/openldap/ldif/olcDatabase.ldif
@@ -1,7 +1,7 @@
-dn: olcDatabase={@@@LDIFSCHEMANUMBER@@@}hdb
+dn: olcDatabase={@@@LDIFSCHEMANUMBER@@@}mdb
 objectClass: olcDatabaseConfig
-objectClass: olcHdbConfig
-olcDatabase: {@@@LDIFSCHEMANUMBER@@@}hdb
+objectClass: olcMdbConfig
+olcDatabase: {@@@LDIFSCHEMANUMBER@@@}mdb
 olcDbDirectory: /var/lib/ldap
 olcSuffix: @@@REALM_DCNAME@@@
 olcAccess: {0}to attrs=userPassword,shadowLastChange,krb5Key,krb5PrincipalName,krb5KeyVersionNumber,krb5MaxLife,krb5MaxRenew,krb5KDCFlags,privateRootCertificateKey,pkiCertificate
@@ -26,14 +26,8 @@ olcReadOnly: FALSE
 olcRootDN: cn=@@@ROOTUSER@@@,@@@REALM_DCNAME@@@
 olcRootPW: {SHA}@@@ROOTPW_SHA@@@
 olcMonitoring: TRUE
-olcDbCacheSize: 1000
 olcDbCheckpoint: 512 30
-olcDbConfig: {0}set_cachesize 0 67108864 1
-olcDbConfig: {1}set_lg_regionmax 262144
-olcDbConfig: {2}set_lg_bsize 2097152
 olcDbNoSync: FALSE
-olcDbDirtyRead: FALSE
-olcDbIDLcacheSize: 0
 olcDbIndex: entryCSN eq
 olcDbIndex: entryUUID eq
 olcDbIndex: objectClass eq
@@ -43,14 +37,10 @@ olcDbIndex: mail eq,pres
 olcDbIndex: uid pres,eq,sub
 olcDbIndex: uidNumber eq
 olcDbIndex: gidNumber eq
-olcDbLinearIndex: FALSE
 olcDbMode: 0600
 olcDbSearchStack: 16
-olcDbShmKey: 0
-olcDbCacheFree: 1
-olcDbDNcacheSize: 0
 olcPlugin: postoperation @@@TDELIBDIR@@@/slapi-acl-manager.so plugin_init admingroup-dn:=cn=@@@ADMINGROUP@@@,ou=groups,ou=core,ou=realm,@@@REALM_DCNAME@@@ realm:=@@@REALM_UCNAME@@@ aclfile:=@@@HEIMDALACLFILE@@@  builtinadmin:=@@@ROOTUSER@@@
-structuralObjectClass: olcHdbConfig
+structuralObjectClass: olcMdbConfig
 creatorsName: cn=config
 createTimestamp: @@@TIMESTAMP@@@Z
 entryCSN: @@@TIMESTAMP@@@.@@@TIMESTAMP_MICROSECONDS@@@Z#000000#000#000000
diff --git a/confskel/openldap/ldif/schema.ldif b/confskel/openldap/ldif/schema.ldif
index 9c871d5..b975a29 100644
--- a/confskel/openldap/ldif/schema.ldif
+++ b/confskel/openldap/ldif/schema.ldif
@@ -665,7 +665,7 @@ olcObjectClasses: ( OLcfgGlOc:8 NAME 'olcModuleList' DESC 'OpenLDAP dynamic mo
  ) )
 olcObjectClasses: ( OLcfgDbOc:2.1 NAME 'olcLdifConfig' DESC 'LDIF backend conf
  iguration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory )
-olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcHdbConfig' DESC 'HDB backend config
+olcObjectClasses: ( OLcfgDbOc:1.2 NAME 'olcMdbConfig' DESC 'MDB backend config
  uration' SUP olcDatabaseConfig STRUCTURAL MUST olcDbDirectory MAY ( olcDbCach
  eSize $ olcDbCheckpoint $ olcDbConfig $ olcDbCryptFile $ olcDbCryptKey $ olcD
  bNoSync $ olcDbDirtyRead $ olcDbIDLcacheSize $ olcDbIndex $ olcDbLinearIndex
author	Timothy Pearson <kb9vqf@pearsoncomputing.net>	2025-09-29 22:38:23 -0500
committer	Timothy Pearson <kb9vqf@pearsoncomputing.net>	2025-10-05 14:48:40 -0500
commit	0d53fc4ef4c7cf3e81058dbfec7c2804926745d8 (patch)
tree	9f9bbdf6b22b37cb12265dbefa4f1f833d9c64dc /confskel
parent	132d640313f7efd26b6df6424446e1af9d4f54aa (diff)
download	kcmldapcontroller-0d53fc4ef4c7cf3e81058dbfec7c2804926745d8.tar.gz kcmldapcontroller-0d53fc4ef4c7cf3e81058dbfec7c2804926745d8.zip