[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: managing OpenLDAP / back-config

Howard Chu wrote:
Tools that make certain commonplace tasks easier are certainly a good thing. But when the tools get in the way, (e.g., FedoraDS where there are even more bug reports about getting their admin server running than for their actual directory server), the whole effort is just pointless.

Let's be fair. The admin server of the Netscape/SunONE/Fedora DS was meant to manage a whole family of servers (LDAP, WWW, Mail, Calendar) organized in administration domains. So it's a more complex concept. If you're solely using the directory server it might be overkill. I used web2ldap most of the times to configure their server directly because it's much faster than the fat Java stuff.

But I have to admit that it's easier to tweak things in cn=config of Netscape/SunONE DS with stock web2ldap than to manage back-config with it. The reason is that their config schema was designed from scratch utilizing separate object classes and attributes without preserving backward compability with old text-based config. This makes it possible for a DUA to almost do the right thing by just looking at the schema.

Ciao, Michael.