Re: How to set BDB "read-only" before slapcat command ?

[Quanah Gibson-Mount <quanah@zimbra.com>]

--On Monday, February 09, 2009 5:40 PM +0000 Andrew Hall 
<whippyhubbles@googlemail.com> wrote:

> 2009/2/9 Quanah Gibson-Mount <quanah@zimbra.com>:
>
> > I'm not sure why you feel it is necessary to set the server read-only
> > before you run slapcat anyway.
>
> It was purely in relation to point 18.1.2 in this doc...
>
> http://www.openldap.org/doc/admin24/maintenance.html
>
> To quote...
>
> "Slapcat can be run while slapd is active. However, one runs the risk
> of an inconsistent database- not from the point of slapd, but from the
> point of the applications using LDAP. For example, if a provisioning
> application performed tasks that consisted of several LDAP operations,
> and the slapcat took place concurrently with those operations, then
> there might be inconsistencies in the LDAP database from the point of
> view of that provisioning application and applications that depended
> on it. One must, therefore, be convinced something like that won't
> happen. One way to do that would be to put the database in read-only
> mode while performing the slapcat."

Right, and this only becomes an issue if you later restore from that 
slapcat, and you have no way to deal with this in your provisioning system. 
And at that point, you're fairly screwed anyway, because if you can't 
handle going from point A -> point B in your provisioning system, you'll 
never get your LDAP servers consistent with it anyway.

--Quanah


--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration