--On Tuesday, April 5, 2022 8:44 AM +0800 David Timber dxdt@dev.snart.me wrote:
You didn't read my original mail. Let me clearify again.
The point was that why I have to make a separate conf file to feed it to slaptest to generate ldif whereas with slapd.conf you can just use include. And another problem with cn=config is that if you wanna add a schema, you have to either rebuild the entire schema attributes or handcraft ldif with proper starting {} index(ldapadd will not do this for you).
cn=config: 1 text editor, 2 tools, 2 files involved slapd.conf: 1 text editor involved
to achieve the same goal.
If you don't see a problem here, just stay out of it.
I did read your email, I understood it perfectly, but it's abundantly clear you were unable to grasp my answer.
To be clear, cn=config is a DATABASE it is NOT A TEXT FILE. You should never be using a text editor on the contents under cn=config. If you need to manipulate a text version of it, EXPORT it to LDIF with slapcat.
If you have a cn=config LDIF file you will be loading via slapadd, you can trivially use an "include" line just like in the gist I linked you. Otherwise, if you're online, you can simply use ldapadd. As far as ORDERING is concerned, you can use weights to tweak the order when you ldapadd it, but you would have to mildly tweak the input LDIF file (so then an editor is involved). For example, using the java.ldif file:
dn: {3}cn=java,cn=schema,cn=config objectClass: olcSchemaConfig cn: {3}java ....
And you're literally missing the point that a ".schema" file is a syntax specific to slapd.conf and a ".ldif" file is a syntax specific to cn=config. Just as you cannot load a ".schema" file into cn=config, you cannot load a ".ldif" file into slapd.conf. The two things are *equivalent* representations for their respective configuration types. In the future, expect only ".ldif" files to get shipped once we finalize deprecating slapd.conf.
You seem to lack a fundamental concept of what cn=config is and of how to correctly utilize it. That's not the projects faults and I'd expect you actually spend some time learning how things operating before criticizing it out of ignorance.
Regards, Quanah