[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Deleting overlays from cn=config

Howard Chu writes:
>Hallvard B Furuseth wrote:
>> You also need to walk through the database and delete any attributes
>> object classes defined by the overlay.  That'll be at least any
>> operational attributes since they must be hardcoded into the C source.
> I wouldn't bother with that, since the schema definitions are still
> present.  Those attributes would simply stop being
> updated/generated...

OK, but their presence is still misleading.

>> (...) I.e. should these userPasswords be deleted?  (...)
> I think that's wrong.

Yes, me too.  I was thinking cross-eyed. Cross-brained?

> When you remove an overlay, you should expect to lose all the
> functionality that the overlay provided. If the overlay had locked an
> account, the lock will simply disappear when the overlay is removed.

Not necessarily, but it's the admin's problem to decide what to do.
Though he might want the overlay to refuse to go away until he has
cleaned up.  Maybe some ppolicy attribute can get a presence index, and
the overlay would refuse to be deleted if a search for that attr found