Re: Converting from slapd.d back to slapd.conf

[Christian Kratzer <ck-lists@cksoft.de>]

Hi,

On Fri, 28 Mar 2014, Nick Milas wrote:

> On 28/3/2014 1:25 ??, Christian Kratzer wrote:
>
> > I consider cn=config superior once you get your head wrapped around it. 
>
> On 28/3/2014 12:53 ??, Simone Piccardi wrote:
>
> > - I can put comments on it
>
> Christian,
>
> Please allow me to intervene in the thread to say that your comments are very 
> valid, but still, Simone's need for comments is beyond doubt.
>
> Here is a long discussion done in 2012 about this (this link points to my own 
> message, but it is a long thread with valuable info):
>
> http://www.openldap.org/lists/openldap-technical/201203/msg00214.html

yes cn=config needs some work and polishing.

As we already have ordering in acl and such comments should not bee too hard to add.

We still have the problem of formatting of individual attributes like olcAccess and olcSyncrepl which have tons of information.

That's why I currently maintain my acl externally and version them using svn which allows me to keep my indentation, comments and formtting.

I consider this quite similar to the way I maintain cisco router and asa firewall configs and specific acl on a tftp server and use copy tftp running-config to apply them.

Ideally I would like to fire up ldapvi and see my comments and my formatting of large attributes such as olcSyncrepl and olcAccess perhaps split up over multiple lines.

This of course poses challenges as the attributes are plain ascii strings.

The best approach needs thiniking.

> I take the opportunity to repeat here that, IMHO it is vital to have (at 
> least) correct ordering of ACLs and the ability to add comments anywhere in 
> the config. Also see other usability issues mentioned in the above thread and 
> elsewhere.

Ordering is already implemented.  +1 for the rest.

> I hope that now, when 2.5 branch has started, such issues may be addressed!

I would suppose that patches and discussion is welcome.  As a cn=config user I am equally interested in getting full usablity.

Kind of like havin feature parity between ipv4 and ipv6 is so important in other areas.

Greetings
Christian

> All the best,
> Nick

--
Christian Kratzer                   CK Software GmbH
Email:   ck@cksoft.de               Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0       D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9       HRB 245288, Amtsgericht Stuttgart
Mobile:  +49 171 1947 843           Geschaeftsfuehrer: Christian Kratzer
Web:     http://www.cksoft.de/