-----Original Message----- From: Howard Chu [mailto:hyc@symas.com]
In OpenLDAP 2.3 you can add new schema definitions on the fly, but you cannot modify existing definitions. In OpenLDAP 2.4 you can do full schema modifications on the fly.
Are they replicated from master to slaves in 2.3?
Read the Admin Guide. I think you'll be better off using OpenLDAP 2.4 for this project. We should be pushing out a new 2.4 alpha release pretty soon.
Is version 2.4 likely to become stable in the near future? Does anyone have any stories from a production environment? We've just updated to 2.3 stable & HDB (from 2.1/LDBM) and would rather not repeat the process so soon!
I'm playing around with cn=schema,cn=config now, and my changes are not preserved after slapd is restarted, is there a way around this? Any recommended methods to take (excluding minor revision increments)?
My current thoughts are to push the schema updates as both LDIF and schema files so a restart will pick up the changes from disk, although an alternative I'd like would be to build the schema dynamically.
I've noticed also that schema updates done dynamically don't pick up data already recorded, for example (the testTwo attribute is the only one defined through the dynamic schema):
$ ldapsearch [blah] dn: cn=test,o=base cn: test objectClass: device objectClass: testObject testTwo: w00t
[restart slapd]
$ ldapsearch [blah] dn: cn=test,o=base cn: test objectClass: device objectClass: testObject
$ ldapadd [blah] dn: cn=test,cn=schema,cn=config objectClass: olcSchemaConfig cn: test olcAttributeTypes: ( 1.1.1 NAME 'testAttr' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) olcAttributeTypes: ( 1.1.2 NAME 'testTwo' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) olcObjectClasses: ( 1.1.3 NAME 'testObject' MAY ( testAttr $ testTwo ) AUXILIARY ) adding new entry "cn=test,cn=schema,cn=config"
$ ldapsearch [blah] dn: cn=test,o=base cn: test objectClass: device objectClass: testObject
Does this mean the schema needs to be present before the database is loaded to pick up these attributes?
And to pre-empt the inevitable response, I'm guessing this all works beautifully in 2.4?
Mark Mcdonald wrote:
-----Original Message----- From: Howard Chu [mailto:hyc@symas.com]
In OpenLDAP 2.3 you can add new schema definitions on the fly, but you cannot modify existing definitions. In OpenLDAP 2.4 you can do full schema modifications on the fly.
Are they replicated from master to slaves in 2.3?
Not with syncrepl, but you could make slurpd handle this for you. In 2.4 syncrepl can handle it.
Read the Admin Guide. I think you'll be better off using OpenLDAP 2.4 for this project. We should be pushing out a new 2.4 alpha release pretty soon.
Is version 2.4 likely to become stable in the near future? Does anyone have any stories from a production environment? We've just updated to 2.3 stable & HDB (from 2.1/LDBM) and would rather not repeat the process so soon!
2.4 stable, no, not likely to happen soon.
I'm playing around with cn=schema,cn=config now, and my changes are not preserved after slapd is restarted, is there a way around this? Any recommended methods to take (excluding minor revision increments)?
READ THE ADMIN GUIDE.
http://www.openldap.org/doc/admin23/slapdconf2.html
On Thu, Feb 08, 2007 at 08:01:19PM -0800, Howard Chu wrote:
Mark Mcdonald wrote:
-----Original Message----- From: Howard Chu [mailto:hyc@symas.com]
In OpenLDAP 2.3 you can add new schema definitions on the fly, but you cannot modify existing definitions. In OpenLDAP 2.4 you can do full schema modifications on the fly.
Are they replicated from master to slaves in 2.3?
Not with syncrepl, but you could make slurpd handle this for you. In 2.4 syncrepl can handle it.
Read the Admin Guide. I think you'll be better off using OpenLDAP 2.4 for this project. We should be pushing out a new 2.4 alpha release pretty soon.
Is version 2.4 likely to become stable in the near future? Does anyone have any stories from a production environment? We've just updated to 2.3 stable & HDB (from 2.1/LDBM) and would rather not repeat the process so soon!
2.4 stable, no, not likely to happen soon.
I'm playing around with cn=schema,cn=config now, and my changes are not preserved after slapd is restarted, is there a way around this? Any recommended methods to take (excluding minor revision increments)?
READ THE ADMIN GUIDE.
Howard
in a previous thread you mentioned that the cn=config wasn't ready for synrepl setup (I think you said the master bit was but the slave/consumer wasn't) any idea when that might be ready and will we see it in 2.3 or will it only be available in 2.4
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc Chief Architect, OpenLDAP http://www.openldap.org/project/
Alex Samad wrote:
Howard
in a previous thread you mentioned that the cn=config wasn't ready for synrepl setup (I think you said the master bit was but the slave/consumer wasn't) any idea when that might be ready and will we see it in 2.3 or will it only be available in 2.4
2.3 is feature-frozen, so no, it will not appear in 2.3. The feature has been working in CVS HEAD for a few weeks; it will be in the next 2.4 release.
On Fri, Feb 09, 2007 at 02:05:05AM -0800, Howard Chu wrote:
Alex Samad wrote:
Howard
in a previous thread you mentioned that the cn=config wasn't ready for synrepl setup (I think you said the master bit was but the slave/consumer wasn't) any idea when that might be ready and will we see it in 2.3 or will it only be available in 2.4
2.3 is feature-frozen, so no, it will not appear in 2.3. The feature has been working in CVS HEAD for a few weeks; it will be in the next 2.4 release.
How does 2.4 relate to the symas packages ? Is 2.4 an alpha before it hits symas ? Will there be a deb packaging of the symas as well as the rhel ?
Thanks
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc Chief Architect, OpenLDAP http://www.openldap.org/project/
Alex Samad wrote:
On Fri, Feb 09, 2007 at 02:05:05AM -0800, Howard Chu wrote:
Alex Samad wrote:
Howard
in a previous thread you mentioned that the cn=config wasn't ready for synrepl setup (I think you said the master bit was but the slave/consumer wasn't) any idea when that might be ready and will we see it in 2.3 or will it only be available in 2.4
2.3 is feature-frozen, so no, it will not appear in 2.3. The feature has been working in CVS HEAD for a few weeks; it will be in the next 2.4 release.
How does 2.4 relate to the symas packages ? Is 2.4 an alpha before it hits symas ? Will there be a deb packaging of the symas as well as the rhel ?
There are many features of 2.4 that are already present in Symas CDS, yes. But it's not a complete back-port. So you might think of Symas CDS as being a theoretical OpenLDAP 2.3.80. The Symas release cycles aren't really tied into the OpenLDAP release cycles; we put in what our customers request, when they request it. We contribute our changes back into OpenLDAP HEAD, and they get into a public OpenLDAP release whenever that's appropriate - urgent bug fixes immediately go into a release, more radical enhancements may have to wait. There are also interesting new features in HEAD that we haven't merged into CDS yet, because none of our customers have asked to use them.
There's a fair bit of patch management effort involved, but overall it's working for everyone. Features that we put in by customer request get shaken down heavily, quickly, because of our own testing and because the features get deployed into real-world use right away. This is a kind of testing that can't easily be done in the OpenLDAP test suite itself, because it requires real data and real workloads. On the other hand, we also produce test cases for OpenLDAP to verify basic functionality and to detect regressions. So in the end we get both broad generic testing as well as specific in-depth testing, and the result is that the code in HEAD gets stable pretty quickly.
As for a .deb package - none of our paying customers has requested one as yet, so we haven't built one.
Thanks
Alex Samad wrote:
On Fri, Feb 09, 2007 at 02:05:05AM -0800, Howard Chu wrote:
Alex Samad wrote:
[...]
How does 2.4 relate to the symas packages ? Is 2.4 an alpha before it
hits
symas ? Will there be a deb packaging of the symas as well as the rhel
?
There will be a CDS version 4 alpha that tracks OpenLDAP 2.4 as it becomes ready for prime time. As yet there is no availability date and, as Howard says, there are presently no paying customers for Debian, so no deb packages are planned at this time. Using alien to install CDS seems to work pretty well, though.
Cheers,
Matthew Hardin Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-software@openldap.org
-
Alex Samad -
Howard Chu -
Mark Mcdonald -
Matthew Hardin