[Date Prev][Date Next]
Re: managing OpenLDAP / back-config
Howard Chu wrote:
Tools that make certain commonplace tasks easier are certainly a good
thing. But when the tools get in the way, (e.g., FedoraDS where there
are even more bug reports about getting their admin server running than
for their actual directory server), the whole effort is just pointless.
Let's be fair. The admin server of the Netscape/SunONE/Fedora DS was
meant to manage a whole family of servers (LDAP, WWW, Mail, Calendar)
organized in administration domains. So it's a more complex concept. If
you're solely using the directory server it might be overkill. I used
web2ldap most of the times to configure their server directly because
it's much faster than the fat Java stuff.
But I have to admit that it's easier to tweak things in cn=config of
Netscape/SunONE DS with stock web2ldap than to manage back-config with
it. The reason is that their config schema was designed from scratch
utilizing separate object classes and attributes without preserving
backward compability with old text-based config. This makes it possible
for a DUA to almost do the right thing by just looking at the schema.