[Date Prev][Date Next]
Re: hi, question about slapd.d configuration changed on the fly
Updates to your configuration made by LDAP updates CAN be persistent. If
you start slapd with the -F option, slapd will create a configuration
directory, converting your current slapd.conf into a permanent directory
in slapd.d. If you continue to use the -F option on restart, any
configuration changes from prior sessions will be still in force.
I agree that reordering olcAccess isn't easy. I keep an ldapmodify LDIF
file with just a changetype replace for that one attribute. Don't put
the sequence numbers and curly braces into the LDIF, OpenLDAP will
assign those sequence numbers itself. Replacing all the values like this
will get them in the order you want. If you have a lot of ACLs, you may
want to dump them with ldapsearch first and convert the LDIF output for
the replace operation.
Tony Earnshaw wrote:
Howard Chu wrote:
I'd guess that the passage you quote (and it _is_ correct) was
written for a future version of OpenLDAP. For us, simply being able
to change olcLogLevel on the fly with gq's 'point 'n click' has been
one huge godsend.
Where are you getting this "one or two" stuff? Everything can be set
dynamically. All means all.
Ok, it can all be changed. For cn=config I often use GQ, since that's a
handy tool, to change olcLogLevel on running servers. But changing the
order of olc Access, for example, isn't easily accomplished (this has
been discussed before) and all on the fly changes are lost the next time
the daemon is restarted (assuming a valid slapd.conf and other included
conf files). I should have written that it's not a practical solution at
The original poster obviously missed the point that the *LDAP*
configuration engine is driven by *LDAP*. I.e., changes are
accomplished using ldapmodify, not by editing any files.
Possibly, he didn't make that clear.