[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How is the intention to change config?

<quote who="openldap">
> Hi LDAPers
> [cvs@myhost ~]$ rpm -q openldap-servers
> openldap-servers-2.3.39-1.fc8
> [cvs@myhost ~]$
> As far as i have understood, the openldap config is moving towards
> beeing fully LDAP integrated, i.e. you will change the config using
> ldapmodify, you will add to the config using ldapadd, you will view the
> config using ldapsearch.

It has moved already. You have a choice of either. slapd.conf is planned
to be dropped at some point in the future.

You will be limited with a 2.3 release however (more at

> That created me a problem: i had to add a  schema. what i did: i created
> a new olcInclude object into cn=config. This object, however, was not
> stable, it got lost at the next slapd restart.
> When i consulted this discussion list, i was informed that adding a new
> olcInclude object is not the correct way to add a new schema. But i was
> not informed on how the intention is to do it.

See openldap.ldif and core.ldif in the schema directory of the OpenLDAP

> I imagine that another way would be to convert the schema from the
> schema file manually/directly into olcAtttributeTypes, olcObjectClasses,
> olcObjectIdentifier and insert them  into the cn=schema,cn=config. This,
> however, would be a very error prone action.

It's very easy and doesn't take long honestly.

> Also, the handling of the access rights in the future is far from clear.
> When i consulted the openldap docu, i found put me in front of a
> fait-accompli: that is how it is, help yourself.

ACLs? See

I will be moving these into a new document section very soon.

> could someone shed some light on the evolution process from file-based
> config into LDAP-based config?


Like you've probably been told, "help yourself" to the documentation ;-)

> thanks in advance.
> suomi