Howard Chu writes:
Hallvard B Furuseth wrote:
You also need to walk through the database and delete any attributes object classes defined by the overlay. That'll be at least any operational attributes since they must be hardcoded into the C source.
I wouldn't bother with that, since the schema definitions are still present. Those attributes would simply stop being updated/generated...
OK, but their presence is still misleading.
(...) I.e. should these userPasswords be deleted? (...)
I think that's wrong.
Yes, me too. I was thinking cross-eyed. Cross-brained?
When you remove an overlay, you should expect to lose all the functionality that the overlay provided. If the overlay had locked an account, the lock will simply disappear when the overlay is removed.
Not necessarily, but it's the admin's problem to decide what to do. Though he might want the overlay to refuse to go away until he has cleaned up. Maybe some ppolicy attribute can get a presence index, and the overlay would refuse to be deleted if a search for that attr found something.