[Date Prev][Date Next] [Chronological] [Thread] [Top]

Removing cn=config elements (Not at runtime)



I have seen in the list archives that using ldapmodify to remove cn=config elements while openldap is running is not supported.
However I do need to be able to disable overlays in certain cases 
sometimes (Even if it's for testing). I tried shutting down the server 
and then modifying the cn=config directory area, by renaming the .ldif 
file to ldif.disable. That seems to work but I'm wondering if there are 
other caveats I should be considering when performing actions like that.
One thing I did notice is that it seems like the openldap server goes 
ahead and re-numbers the overlays so there are no gaps. however the 
cn=config filesystem area did NOT renumber the files and the server 
behaved strangely when I tried to ldapmodify the "disabled" config back 
into the running system. (I got a err=32 no such object using openldap 
2.4.26) Stopping the server again and then renaming the extension 
.disable to .ldif brought everything back to where it was. As a side 
note the ldif I used to create the overlay is the same I tried to use in 
this last step.
If I disable using the above method and then renumber the files myself 
before restarting the server I'm able to add the the config back in 
using ldapmodify but it prompts the question what else should I be 
considering.
Thanks Jeffrey