diff --git a/_posts/2023-05-19-openldap-2-4-to-2-6-upgrade.tl b/_posts/sysadm/2023-05-19-openldap-2-4-to-2-6-upgrade.tl
similarity index 75%
rename from _posts/2023-05-19-openldap-2-4-to-2-6-upgrade.tl
rename to _posts/sysadm/2023-05-19-openldap-2-4-to-2-6-upgrade.tl
index c24c2cf..da68cd6 100644
--- a/_posts/2023-05-19-openldap-2-4-to-2-6-upgrade.tl
+++ b/_posts/sysadm/2023-05-19-openldap-2-4-to-2-6-upgrade.tl
@@ -2,6 +2,7 @@
 layout: default
 title: OpenLDAP 2.4 to 2.6 upgrade
 date: 2023-05-19 23:28 +0200
+tags: Gentoo LDAP
 ---
 OpenLDAP >= 2.5 drops Berkeley DB based @hdb@ and @bdb@ backends support. Backend
 upgrade - preferably to @mdb@ - is required before version upgrade.
@@ -11,10 +12,10 @@ deployments the config database must be exported via @slapcat@, config export
 modified as required, then resulting config database imported.
 
 Upstream documentation:
-* "B. Upgrading from 2.x":https://www.openldap.org/doc/admin25/appendix-upgrading.html
+"Upgrading from 2.4.x":https://www.openldap.org/doc/admin25/appendix-upgrading.html
 
 
-h2. Backup database and configuration
+h3(#backup). Backup database and configuration
 
 {% highlight bash %}
 /etc/init.d/slapd stop
@@ -24,11 +25,11 @@ mv /var/lib/openldap-data /var/lib/openldap-data-2.4
 {% endhighlight %}
 
 
-h2. Migrate to @mdb@ backend
+h3. Migrate to @mdb@ backend
 
-Update _/etc/openldap/slapd.conf_ as follows:
+Replace backend module and set database type:
 
-{% highlight config %}
+{% highlight file caption=/etc/openldap/slapd.conf %}
 ...
 # moduleload  back_hdb.so
 moduleload  back_mdb.so
@@ -37,7 +38,7 @@ database       mdb
 ...
 {% endhighlight %}
 
-Then restore database and convert config to directory format (in that order):
+Restore database and convert config to directory format (in that order):
 
 {% highlight bash %}
 mkdir /var/lib/openldap-data
@@ -52,16 +53,14 @@ slaptest -f slapd.conf -F slapd.d
 /etc/init.d/slapd start
 {% endhighlight %}
 
-Now is the time to verify if LDAP dependent services work like before migration.
-They should.
+Verify if LDAP dependent services work like before migration - they should.
 
 
-h2. Upgrade to 2.6
+h3. Upgrade to 2.6
 
 Before upgrade:
 * check @openldap@ @USE@ flags,
-* backup database and configuration if applicable
-
+* backup database and configuration ("see above":#backup),
 then proceed with upgrade:
 
 {% highlight bash %}
@@ -71,7 +70,7 @@ dispatch-conf
 
 Remove @ppolicy@ overlay, which is now implemented internally:
 
-{% highlight config %}
+{% highlight file caption=/etc/openldap/slapd.conf %}
 ...
 #include    /etc/openldap/schema/ppolicy.schema
 ...