I have an older eDirectory (Version: 20214.30) and want to move this
to a new server. I exported the schema and the data with ice to files
like this:

# ice -S LDAP -s localhost -p 1026 -d 'cn=...' -w xxx -b 'cn=schema' -c base -D LDIF -f schema.ldif
# ice -S LDAP -s localhost -p 1026 -d 'cn=...' -w xxx -lobjectClass='*' -D LDIF -f data.ldif

All this seemed to work fine, no errors and the files are looking

On the new target host I have installed
eDirectory_900_Linux_x86_64.tar.gz and
setup the new eDirectory as:

# ndsconfig def -t sunrise
Enter the password for admin.org: admin.org
Re-enter the password for admin.org: xxxxxx
# ldapconfig -t sunrise -a admin.org -w xxxxxx "-s ldapTLSRequired=no"
# ldapconfig -t sunrise -a admin.org -w xxxxxx "-s Require TLS for Simple Binds with Password=no"
NLDAP server configuration utility for NetIQ eDirectory 9.0 v40002.38
[1] Instance at /etc/opt/novell/eDirectory/conf/nds.conf: sunrisetpap02dxoh.O=org.SUNRISE
LDAP Server Configuration:
LDAP Server: CN=LDAP Server - sunrisetpap02dxoh.O=org
LDAP Group: CN=LDAP Group - sunrisetpap02dxoh.O=org
Require TLS for Simple Binds with Password set to no
LDAP Server refreshed with the new configuration.

If I now try to import the schema with 'ice' it gives the following

# ice -lice.log -v -C -a -SLDIF -fschema.ldif -v -DLDAP -s10.49.92.38 -p389 -dcn=admin,o=org -wxxxxxx
NetIQ Import Convert Export utility for NetIQ eDirectory
version: 40002.14
Copyright (c) 2013 NetIQ Corporation and its affiliates. All Rights Reserved. U.S. Patent No. 6,915,287.
Source Handler: ICE LDIF handler for NetIQ eDirectory (version: 40002.14 )
Destination Handler: ICE LDAP handler for NetIQ eDirectory (version: 40002.14 )
Getting source schema...done.
Getting destination schema...done.
Starting schema update...
Record: 73, ldap_modify failed: 80(NDS error: invalid request (-641)), dn: cn=schema

I have to admit that, while I have more than 30 years of UNIX knowledge,
I was
using LDAP only to test our systems which connects to LDAP servers and I
no real expirence in managing eDirs. Questions:

1. Is the above procedure correct?
2. What does the rror mean or how can I solve this?

I don't know if 'Record: 73...' means line 73, this would be these


71 ldapSyntaxes: ( X-NDS_SYNTAX '10' )
72 ldapSyntaxes: ( X-NDS_SYNTAX '9' )
73 ldapSyntaxes: ( X-NDS_SYNTAX '9' )
74 ldapSyntaxes: ( 2.16.840.1.113719. X-NDS_SYNTAX '25' )
75 ldapSyntaxes: ( X-NDS_SYNTAX '9' )
76 objectClass: top
77 objectClass: subschema


I can put the full file to some public web space, if this is required.

Thanks in advance for any hints.


gurucubano's Profile: https://forums.netiq.com/member.php?userid=11748
View this thread: https://forums.netiq.com/showthread.php?t=55973