Handling Orphaned LDAP Users and Roles on Upgrade

Because of a change in how LDAP hashes are calculated, upgrading to Vertica 10.1 may orphan certain users and roles if their names contain spaces. The following procedure checks your configuration's risk for orphaning your existing LDAP users and roles and goes over steps to prepare for and recover from this state.

  1. Run the following query to check if your LDAPLinkSearchBase contains spaces. If strpos > 0, your users and roles are likely to be orphaned on upgrade and you should follow the rest of the procedure. Otherwise, you aren't likely to be affected and can continue with the rest of the pre-upgrade checklist.
    2. => SELECT current_value, strpos('current_value,' ')
    FROM vs_configuration_parameters
    WHERE parameter_name ILIKE'LDAPLinkSearchBase%' AND current_value <> default_value;
  2. Backup your grants.
  3. Finish following the pre-upgrade checklist.
  4. Upgrade Vertica.
  5. Run LDAPLink service to resynchronize your users and roles.
  6. Restore your grants.