[Date Prev][Date Next]
Re: Updating a private schema (cn=config)?
Andrzej Jan Taramina wrote:
I need to update one of our internal LDAP schemas, but am not sure of the
best process to use. Haven't managed to find
Using the latest Ubuntu Intrepid OpenLDAP
any info on this, especially using the newer cn=config configuration
error. Deleting all my LDAP entries doesn't help
I've tried deleting the schema, but keep getting a "server won't allow"
a GUI tool like Luma nor using LDIF
that. It seems that once you have a schema defined you can't delete it
directives with OpenLDAP running.
Do I just shut down my LDAP server, and delete the entry in the cn=config
directory, then re-install the new schema version?
This was just discussed on -technical as well. You can delete individual
schema elements using ldapmodify. You cannot delete entire cn=config entries
(using ldapdelete). There are no plans to change this behavior for schema in
What about any entries that depend on the schema? Will they be
The answer is "it depends"...
In general, once you start using a schema, you're stuck with it. (Which is one
reason why ldapdelete for schema entries will never be implemented.) You can
fine tune individual elements of it (alter definitions, add/remove
definitions), but there are issues that are still being worked on.
See ITS#5540 for one of the problems still in progress.
add/modify times....or are there links to
that is, do I need to delete them all and
re-add them? I guess if I knew when a schema is actually used (eg. only at
from the entries that are used at other times?) it would help?
Thanks for the advice...
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/