On Tue, 2022-11-08 at 21:24 +0100, Julian Kippels wrote:
Hi,
I am currently in the process of moving our LDAP-Servers from old
CentOS 7 Servers to new Debian 11 Servers. In the process I am
exporting all databases from the old server to ldif files and
importing
those files on the new server.
When I import such a file I get a lot (basically for every single
entry)
of warnings and errors in the errors-log like the following:
[08/Nov/2022:21:01:52.272475719 +0100] - ERR - oc_check_allowed_sv -
Entry "cn=219058,ou=accounts,o=demo" -- attribute
"entrylevelrights"
not allowed
[08/Nov/2022:21:01:52.273547001 +0100] - WARN - import_producer -
import demo: Skipping entry "cn=219058,ou=accounts,o=demo" which
violates schema, ending line 9232514 of file "/var/lib/dirsrv/slapd-
ldap-master/ldif/demo.ldif"
I can't make heads or tails of this. I exported the ldif using the
389-console using "Export Databases" and I import them via Cockpit
using "Initialize Suffix" for the Suffix o=demo
I cannot find this attribute in any schema-file on either the old or
the new servers. Where does this come from
a custom schema on the 1.2.2 box?
, and how do I solve this
issue?
I'm curious what objectclasses are found under the
cn=219058,ou=accounts,o=demo object, and whether entrylevelrights is
listed as an attribute for this object.
If so, and the attribute is unneeded, perhaps remove this attribute
from the ldif prior to importing?
Mark