[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Dynamic schema update

Dieter Kluenter wrote:
Eran Leiserowitz <eran.leiserowitz@xeround.com> writes:
3. Since it appears that the slapd.d man page is missing, could you
kindly explain, if in the 2.3 series, the "cn=config" tree _always_
exists, or you should explicitly create it. And assuming that it exists,
does changing it, automatically takes effect in the server (or you
should do something additional).

The cn=config tree always exists. Changes take effect immediately. But if you're using slapd.conf instead of slapd.d, the changes are not saved to any config file.

man slapd(8), parameters -f -F

You should declare a database config in slapd.conf, something like
database        config
rootdn          cn=config
rootpw          xxxxx

rootdn cn=config is hardcoded, it can't be altered.
Nor does it even need to be specified, since it is hardcoded. You only need to declare the config database in order to set the rootpw. Otherwise, it will be there regardless. If you use authz-regexp's to access the database, you don't need to use a rootpw at all.

 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/