Since 1) the behavior is different 2) the slapd.conf to cn=config conversion sucks in the relevant information anyway and 3) use of includes is inappropriate under cn=config is it maybe time for the slap* tools stop creating cn=Includes?
On Tue, 23 Jan 2007, Howard Chu wrote:
Eric Irrgang wrote:
Are olcInclude attributes in cn=config honored as per the Admin Guide section 5.2.2 or is that documentation misleading?
Good question. The short answer is - the use of include files is not recommended for cn=config. They really only work correctly when slapd is using slapd.conf.
Keep in mind - in slapd.conf, you can insert include statements anywhere at all in the config file, you can order them completely arbitrarily, interleaving them with any other config statements. Under cn=config, all of the cn=Includes are grouped under one place, they can't have anything else inserted between them, so if they needed to have other intervening directives processed first, they would fail.
Also, the point of using cn=config is to make every part of the configuration accessible/modifiable using LDAP. slapd.conf-formatted files (e.g. include files) are not accessible or modifiable using LDAP. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/
-
Eric Irrgang -
Howard Chu -
Michael Ströder