[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Concerns with OLC (cn=config) for editing schema, ACLs, and deleting entries



On Mar 21, 2012, at 22.00, Chris Hiestand wrote:

> On Mar 21, 2012, at 5:59 PM, David Arroyo wrote:
> 
>> What is the correct way to delete a database from olc?
> 
> I get the feeling it is frowned upon, but I think you could:
> 1. "slapcat -s 'cn=config'" > config.ldif
> 2. edit config.ldif
> 3. delete or move slapd.d/*
> 4. slapadd -n0 -F /path/to/slapd.d -l config.ldif
> 
> note: ensure slapd.d ends up with appropriate ownership/permissions.
> 
> Please correct me if I'm wrong.

not frowned upon at all, but i'd amend that process slightly:

1. stop slapd
2. slapcat -b 'cn=config' -l config.ldif
3. mv slapd.d slapd.d.bak
4. mkdir slapd.d
5. edit ldif as desired
6. slapadd -n 0 -F slapd.d/ -l config.ldif
7. slaptest -F slapd.d/
8. adjust ownership/permissions as appropriate for slapd.d/
9. start slapd

the order of a few of the steps could vary slightly depending on personal preference, and technically, slapd doesn't necessarily have to be stopped so early on, but for the sake of those to which this topic applies, it keeps things simple.

-ben