[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: schema updates and cn=config

To: "E.S. Rosenberg" <esr+openldap@g.jct.ac.il>
Subject: Re: schema updates and cn=config
From: Clément OUDOT <clem.oudot@gmail.com>
Date: Wed, 6 Jul 2011 09:45:17 +0200
Cc: openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=KLFL1luC0f/+Wx1I8X2788DJmwB56unbcIEwMQTZkzs=; b=uXcZzY/LDipbi4T5gbgJphgfdPf7A38lAOoFkuYlxHIdpQe3gyWEoecx1OviBrjf3R w74SASY3EXPDGCMIsXLBBI0CMXioAvk+NYEndzJicmexxJLTLyXC80jsXtPWnV4iaJaP H0c+z9hbfGrrfxhRKcwVitwZ/QbYrf52dTpoM=
In-reply-to: <CAHTx_BMNpD8r4+FJqc35+CfW5ahZS_y0L9xGw3Ramu6+mzMFNA@mail.gmail.com>
References: <CAHTx_BMNpD8r4+FJqc35+CfW5ahZS_y0L9xGw3Ramu6+mzMFNA@mail.gmail.com>

2011/7/6 E.S. Rosenberg <esr+openldap@g.jct.ac.il>:
> Hi all,
> I was wondering about the following thing (after just reading the long
> cn=config thread), programs may distribute .schema files only, in
> which case as already pointed out you should:
> 1. Request in a friendly manner that they provide an ldif if possible
> 2. convert it yourself using slaptest and add it using ldapadd/modiy etc.
>
> The question I had is like this, a project may update/change it's
> schema and if they ship only .schema files or .ldif that assume that
> the schema is not loaded yet (ie. that do the initial add and not
> modify operations, what you would also get from a .schema conversion)
> then you are it would seem to me a bit stuck because you either:
> - have to unload the old schemas (using ldapmodify) which leaves you
> with invalid entries in your DIT while their schema is missing
> or
> - you have to manually figure out what the differences are between the
> currently loaded schema and the new version of the schema (diff may be
> helpful there) and the manually create an ldif that does all the
> necessary modify operations.
>
> So I was wondering if there is any way to generate a "diff-ldif" (for
> lack of a better name) automatically to update the schema based either
> on provided ldifs or provided .schema files (after conversion).
>
> Obviously the other way is to ask the project in a friendly way that
> they provide said "diff-ldifs" as well as regular ldifs.
>
> Maybe I am completely wrong but so far this is what I understood from
> all the manuals etc.
>


Hi,

I think that application providers should manage schema diff
themselves, like they would do with sql schema :
* a complete schema for those installing the software for the first
time on the system
* an update schema to migrate the schema from the previous version to
the current version

On my side, the problem I see is that LDIF schema for OpenLDAP is
OpenLDAP specific (because of the olc* attributes names) and cannot be
imported in other LDAP servers like OpenDJ or ApacheDS. So application
providers will have to ship LDIF schema for OpenLDAP and LDIF schema
for other servers. Can't we find a solution to have a standard LDIF
schema import/update?


Clément.

Follow-Ups:
- Re: schema updates and cn=config
  - From: Howard Chu <hyc@symas.com>

References:
- schema updates and cn=config
  - From: "E.S. Rosenberg" <esr+openldap@g.jct.ac.il>

Prev by Date: Re: database monitor
Next by Date: Fwd: ldap_sasl_interactive_bind_s: Other (e.g., implementation specific ) error (80)
Index(es):
- Chronological
- Thread