I'd like a slap tool which verifies an LDIF before I try to ldapadd/slapadd it. "slapadd -u -o value-check=yes" is fairly close. What does it fail to catch? I can think of:
- Duplicate entries. - Missing entries (if the initial DB is expected to be empty). - Child entries before parents (OK for slapadd to at least back-<bdb,hdb,mdb>).
- Issues which the tool can only catch if it opens the database, like attempts to add already-existing entries. I probably don't want to do that.
- Issues which overlays like slapo-unique would reject. Can't do that, since the overlay won't have a non-empty DB to check against and slap tools do not use overlays anyway. Might special-case "unique" though, since the "duplicate entries" check will need uniqueness code anyway.