Re: Configuring OpenLDAP with a custom schema instead of default schemas
On Fri, Jul 14, 2017 at 02:48:30PM +0000, Jon Smark wrote:
> Anyway, I have defined a schema file with the custom attributes
> and object classes relevant to my domain. Starting from a fresh
> installation of OpenLDAP 2.4.42 running on Ubuntu 16.04, I want
> to configure my Slapd server to *only* consider my schema file and
> to ignore all the other schemas it's configured to use by default.
I have to assume you have good reasons for doing that; but please do
consider that most applications out there are written with the existing
standardized schemas in mind, and try to leverage them as much as it
makes sense to.
You do most likely at least want the 'core' schema. Most things assume
it is present.
> I thought it would be as simple as removing the old /etc/ldap/slapd.d
> and replacing it with the output of slaptest applied to my schema
> file. This doesn't work, unfortunately, because slapd refuses to
> start afterwards.
The default configuration defines a bit more than just that. The
template used by the installer is /usr/share/slapd/slapd.init.ldif but
there are some placeholders that the maintainer scripts fill in.
The Debian/Ubuntu init script requires you to define olcPidFile at a
minimum, so it can do process tracking. (You didn't explicitly say
you're invoking the init script; I apologize in advance if I'm assuming
incorrectly that you want to use it.)
I'm not completely sure (haven't tested recently) but I think slaptest
works better on a skeleton slapd.conf that just "include"s the relevant
schema than it does on the schema file itself.
> I apologize if this question seems basic, but I'm stuck on this very
> first step and I've been unable to find an up-to-date tutorial on how
> to configure a recent OpenLDAP server from scratch (i.e., without all
> the default schemas).
http://www.openldap.org/doc/admin24/slapdconf2.html
hope this helps,
Ryan
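
Added example, not part of the original message: a sketch of the skeleton-slapd.conf approach suggested above, keeping only the core schema, one custom schema and the pidfile setting that the init script needs. The function names are hypothetical, the core.schema and pidfile paths are the usual Debian/Ubuntu locations (an assumption), and whether slaptest accepts a configuration with no database section was not verified here.

```shell
#!/bin/sh
# Added example: build a skeleton slapd.conf and convert it to cn=config.
# CORE_SCHEMA and PIDFILE are the usual Debian/Ubuntu locations (assumed).
CORE_SCHEMA=${CORE_SCHEMA:-/etc/ldap/schema/core.schema}
PIDFILE=${PIDFILE:-/var/run/slapd/slapd.pid}

# write_skeleton_conf CUSTOM_SCHEMA OUT_CONF
# Emits a slapd.conf holding only the core schema, the custom schema and
# the pidfile setting (which becomes olcPidFile after conversion).
write_skeleton_conf() {
    custom=$1
    out=$2
    case $custom in
        /*) ;;
        *) echo "schema path must be absolute: $custom" >&2; return 1 ;;
    esac
    [ -r "$custom" ] || { echo "cannot read $custom" >&2; return 1; }
    {
        printf 'include %s\n' "$CORE_SCHEMA"
        printf 'include %s\n' "$custom"
        printf 'pidfile %s\n' "$PIDFILE"
    } > "$out"
}

# convert_to_slapd_d CONF NEW_DIR
# Runs slaptest into an empty directory so the live /etc/ldap/slapd.d is
# untouched until the result has been inspected.
convert_to_slapd_d() {
    conf=$1
    dir=$2
    mkdir -p "$dir" || return 1
    [ -z "$(ls -A "$dir")" ] || { echo "$dir is not empty" >&2; return 1; }
    slaptest -f "$conf" -F "$dir" || return 1
    # Each included schema should appear as an LDIF under cn=schema.
    ls "$dir/cn=config/cn=schema"
}
```

Before swapping the converted directory in for /etc/ldap/slapd.d, make sure it is owned by and readable to the account slapd runs as.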