Re: requesting clarification of slapd.conf-versus-slapd.d configuration

[Howard Chu <hyc@symas.com>]

Eric Irrgang wrote:
> On Thu, 20 Apr 2006, Howard Chu wrote:
>
> > What directives are you talking about getting repeated? Few of them
> > tolerate being specified redundantly. But the whole point of the config
> > directory is to show you the active configuration as slapd is using it.
> > So, the better question for you is, how does slapd behave with repeated
> > directives?
>
> Specifically, I have used an approach of separating out database
> definitions into separate include files so that the main slapd.conf file
> could have broader read permissions than the more sensitive parts that
> include things like rootdn password hashes.  In a database specification I
> may include separate security strenth factors than the global section
> specifies.

As noted in 
http://www.openldap.org/lists/openldap-devel/200507/msg00099.html
not all global directives support multiple instances. The security 
strength factor is set for the entire server, it has no per-database 
settings. The last setting in the configuration is what stays in effect.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/