After Updating from version openldap-sasl-server-2.4.42_2 to openldap-sasl-server-2.4.43, I persitently get on one box the error shown below. Since we use a similar config on each system hostin OpenLDAP, the problem is definitely not obvious to me since openldap-sasl-server-2.4.42_2 worked fine! [...] 565eb2e6 <<< dnPrettyNormal: <cn=default,ou=policies,dc=walstatt,dc=dynvpn,dc=de>, <cn=default,ou=policies,dc=walstatt,dc=dynvpn,dc=de> 565eb2e6 User Schema load failed for attribute "pwdMaxRecordedFailure". Error code 17: attribute type undefined 565eb2e6 config error processing olcOverlay={1}ppolicy,olcDatabase={1}mdb,cn=config: User Schema load failed for attribute "pwdMaxRecordedFailure". Error code 17: attribute type undefined
(In reply to ohartman from comment #0) I think it's probably more efficient to contact upstream (OpenLDAP.org) for help. In the meantime, have you enabled PPOLICY when building the server? You seem to be using ppolicy properties.
I solved the problem by copying and modifying the port's ppolicy.ldif file according to the old one. Yes, I have checked PPOLICY to be build! The problem is: without the ppolicy schema loaded correctly, my whole DIT gets inaccessible, so I'm unable to "ldapmodify" the OLC-based configuration. Since I use PPOLICY on all OpenLDAP installations and most of them got updated the very same time, I'm courious about what is different to the system in question - but a review of the LDIF files didn't reveal much to me. I stays obscure.
Dec 5 16:27:36 <0.6> thor kernel: pid 7553 (slapd), uid 389: exited on signal 6 I receive massively SIGNAL 6 corruptions a a non-working LDAP environment! This happens on systems used with port net/nss-pam-ldapd-sasl-0.8.14_3.
Is this still relevant, or could it closed.