[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Olc deployment vs slapd.conf based deployment

To: Quanah Gibson-Mount <quanah@symas.com>, openldap-technical@openldap.org
Subject: Re: Olc deployment vs slapd.conf based deployment
From: Michael Ströder <michael@stroeder.com>
Date: Fri, 15 Sep 2017 19:49:10 +0200
In-reply-to: <33CC7C0F66B0112865DBD451@[192.168.1.30]>
References: <CALm_VjikYjnYEcrfKXYjm8AFt0VQ7EV1crGX=tXst3-RUbr7fQ@mail.gmail.com> <78567B9241600A3CA0EAC7A6@[192.168.1.30]> <b9e230a5-1dc0-b01f-ae4d-d23e0cd21d3e@stroeder.com> <b7d93005-3de5-5b9a-630e-d93510bd9b44@ironicdesign.com> <WM!c441031e673082de9904bb70fc818ffda9b9f7dd5392e09c37cc5ccb7332246257b6daf5a456f233f94aa06df0aea0f3!@mailstronghold-1.zmailcloud.com> <77336596566E63C254BF34B5@[192.168.1.30]> <2d8fa872-4df7-3cd0-6b0a-8ebc14cebf53@stroeder.com> <WM!c8d63a6f4f974d40c855bc7d5b31d986056321b2edd8e9f4b0cf0927e247b8ece8763c023be4553effb0a31dacc031f3!@mailstronghold-1.zmailcloud.com> <D8194CCB2216F333EA67231D@[192.168.1.30]> <6da7eea6-d209-226f-c7f3-f97f149344e4@stroeder.com> <WM!d539e7f4ea540fb7cc4264264cb345aa1c3312e5a9cf4415abacf83ec5d76f5d0666910600c9779cf61a582a02703201!@mailstronghold-2.zmailcloud.com> <33CC7C0F66B0112865DBD451@[192.168.1.30]>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:51.0) Gecko/20100101 SeaMonkey/2.48

Quanah Gibson-Mount wrote:

--On Friday, September 15, 2017 7:57 PM +0200 Michael Ströder
<michael@stroeder.com> wrote:

I strongly disagree. It's a schema shipped by OpenLDAP
installation. So this update should have simply worked.


Since the schema is stored in the cn=config DB, there's not an
option to replace the ppolicy LDIF in cn=config on upgrade.  It
has to be scripted.


I fully understand the technical reason for what went wrong.

But the sysadmin should not be required to script anything in casea schema file always shipped by OpenLDAP was updated by a regularOpenLDAP update. It should simply work like it does with otherLDAP server implementations and cn=config.

I did test the update with my own installations.
But they simply use slapd.conf.
And it worked. ;-}


This would imply you updated the schema files at the same time.

Yes, of course. Any decent distribution package installs theschema files for this particular OpenLDAP version.

If you kept the 2.4.40 ppolicy.schema file with your new
configuration, it would not have "simply" worked.

Yes, but why should I do so? A decent slapd.conf simply points tothe version-specific OpenLDAP schema files. That's what we keeptelling people here, aren't we?


Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- Re: Olc deployment vs slapd.conf based deployment
  - From: rammohan ganapavarapu <rammohanganap@gmail.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Michael Ströder <michael@stroeder.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Andy Dorman <adorman@ironicdesign.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Michael Ströder <michael@stroeder.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Michael Ströder <michael@stroeder.com>
- Re: Olc deployment vs slapd.conf based deployment
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Re: Olc deployment vs slapd.conf based deployment
Next by Date: Re: Olc deployment vs slapd.conf based deployment
Index(es):
- Chronological
- Thread