[Date Prev][Date Next]
Re: newbie slapd.conf VS slapd.d management ?
- To: firstname.lastname@example.org
- Subject: Re: newbie slapd.conf VS slapd.d management ?
- From: Mauricio Tavares <email@example.com>
- Date: Mon, 18 Apr 2011 11:35:15 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=i06dR/cuInCyaMcdF3UkL//lD++2vB0/FOOyRpycj7M=; b=QZaRUAoL9+oWJx6bqy+V7LlmRAq3AE7hjCq7ufM9uTeXFESDDGPdf/0R69xINDRpI9 E1W4PGRWWcs1S+MfhuvYjQ1bhvZvUHjw5pAB0UZfTVH9f+S3I1ENyl+R1dIU/qFgwud8 PfcjcV7+0nvjs0Wg7FL9/II0yalZPEI3CAypc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=HNoSWhLNHKzGzICNzYywnbXB987BrQPQc5TKjHCGhijkQPVXpd2xnclJblc5h1OS/S jS2GB47oeKvoNgssb4bH47g48XMKcqiXEH3hQAUXJEJ3KAj/IKLGsw1oJRBw4Qnb8kwa S9faWPmZ74xibWG5jdkzEkLlL5yaH49E6146Y=
- In-reply-to: <BANLkTikLsOWJXKNE5X3fzpBCVdiwjMOVVg@mail.gmail.com>
- References: <BANLkTikLsOWJXKNE5X3fzpBCVdiwjMOVVg@mail.gmail.com>
On Mon, Apr 18, 2011 at 10:50 AM, Olivier <firstname.lastname@example.org> wrote:
> Hi everyone,
> SUMMARY :
> IN A DAY TO DAY ADMINISTRATION, SHOULD I EDIT SLAPD.CONF
> AND USE SLAPTEST TO TRANSLATE INTO SLAPD.D STYLE OR
> SHOULD I EDIT DIRECTLY FILES IN SLAPD.D AND DEFINITIVELY
> REMOVE THE SLAPD.CONF FILE ?
> IN THE FORMER CASE, IS THERE A DOCUMENTATION THAT DOESN'T
> MIX SLAPD.CONF WITH SLAPD.D STYLE (I'm a bit confused with examples
> I find to be honnest).
> Additional info about my question :
> I just start with ldap and I want to deploy an internal ldap directory
> that will be used for various application (authentication, information
> about staff in the company, etc). We are fresh, therefore we start
> "from scratch".
> I'm playing with tan openldap server 2.4 installed on a fedora.
> The documentation about the slapd configuration file(s) is not quite
> clear to me : I find information about how to configure the server by
> editing "slapd.conf", and at the same time this documentation says
> that this file is obsolete and configuration files should now now be
> stored in "slapd.d" directory.
> I have managed to edit a correct slapd.conf file and I translated it
> to a slapd.d style using slaptest utility : slapd is runing and I can
> query my directory... ok !
> But could some tell me what is the PROPER way to now maintain
> and admininistrate an operational openldap directory : slapd.conf
> or slapd.d style ?
From what I have read, the slapd.conf file is going away, so you
should use ldifs instead. Also, most of the stuff you would have setup
in slapd.conf (backend stuff like ACLs) should not change during
day-to-day operations (frontend stuff like users, groups, and machine
accounts). In any case, both backend and frontend stuff can be edited
using ldapadd/ldapmodify/etc while server is up and running.
That is AFAIK, of course. Which means I could be horribly wrong.
> THANKS FOR YOUR HELP !