[Date Prev][Date Next]
Re: Installation openLDAP in Debian
On Wed, Apr 20, 2011 at 1:33 PM, Simone Piccardi <firstname.lastname@example.org> wrote:
> On 20/04/2011 17:42, Jose Ildefonso Camargo Tolosa wrote:
>>> Modern OpenLDAP does not use slapd.conf. Please read the OpenLDAP Admin
>> Quanah: actually, documentation is not yet complete for cn=config, I
>> had to actually convert my slapd.conf to cn=config using slaptest in
>> order to find out how to do the same I had on slapd.conf on cn=config.
> That's the way I'm using it. And I suggest to anyone not needing to modify
> configurations on the fly to use it that way.
> Because apart the missing documentation, I found difficult having to deal
> with the obscure attribute names and the complex directory structure (and
> the not so explicative file names used under it) that I found in
Well, I actually got used to cn=config pretty quickly, nevertheless, I
still find easier to understand and modify the slapd.conf file than
the directory structure under slapd.d... it is definitely more complex
(and I don't think it is easier to modify using a LDAP administration
The "cn=config" replication suggested on the docs becomes useless when
you need to use TLS, because, AFAIK, we don't have a way of having
different TLS parameters for each replica (and, on a multi-master
setup, you will likely have different servers, with different names,
and thus: different SSL certificate).
> I understand the needs for cn=config, but for the moment I don't need it.
> Having a file with a simple syntax that I can read and modify instead of a
> tree of LDIF files is far more convenient for me. So I hope that slapd.conf
> will remain supported.
+1, we shouldn't drop slapd.conf file.
> Simone Piccardi Truelite Srl
> email@example.com (email/jabber) Via Monferrato, 6
> Tel. +39-347-1032433 50142 Firenze
> http://www.truelite.it Tel. +39-055-7879597 Fax. +39-055-7333336