On 10/28/2016 8:00 AM, openldap-technical-request@openldap.org wrote:
Message: 10
Date: Thu, 27 Oct 2016 11:45:46 -0700
From: Quanah Gibson-Mount <quanah@symas.com>
To: Ted Hyde <laserted@gmail.com>, openldap-technical@openldap.org
Subject: Re: Provider-Consumer replication 2.4 OLC (second attempt)
Message-ID: <2B151020D2CC5C1D45A0A2C9@[]>
Content-Type: text/plain; charset=us-ascii; format=flowed

--On Tuesday, October 25, 2016 11:34 AM -0400 Ted Hyde <laserted@gmail.com> 

> Greets - (first post, second time. Don't know if it's being moderated or
> dropped, will keep trying).
It ended up in my spam folder for some reason.

> After installation, I have two functioning standalone servers. During my
> research, I found two conflicting pieces of information. I prefer to
> perform "refreshOnly" instead of "refreshAndPersist", so some sources say
> ONLY the consumers need configuration, a couple said both sides need
> configuration AND a number of additional indices. This is likely where my
> problems arise.
I strongly advise only using refreshAndPersist.  I'm not sure why you are 
referring to random how-not-to-do things on the interweb.  You should use 
the OpenLDAP admin guide:


> Any thoughts?
Read the admin guide, as noted above.  The examples are still slapd.conf, 
but you can trivially translate those to what are necessary for cn=config.



Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:

Quanah - thanks for the response. Sorry to insult if I did - but thank you, I DID read the admin guide. Which as you have also pointed out uses slapd.conf examples. Since I am not knee-deep in commercial OpenLdap configuration every day (I am just a lowly IT admin, not a paid-to-openldap-person) I would disagree in that your comment that "conversion to cn=config" process isn't trivial, personally I get quite swamped by it, but push through as best I can. But if you're offering to convert my sample configs for me, I'd be happy to share them with you. Or perhaps you could help the community by providing some OLC config examples for the admin guide, that way us peons would be able to use that as our only official source instead of having to google to find "Random" help.

I *can* move to refreshAndPersist; but the service provides two documented options (information I got from reading the admin guide), the description for refreshOnly best fits my scenario and needs. I didn't read any reason as to *not* use - perhaps you're aware of a bug report that refreshOnly is broken?

Perhaps my research (which I'm sure isn't as broad as yours) just seemed to point to the fact that openldap will/may be depreciating the slapd.conf procedures, and that everyone should get on board with OLC as soon as possible. While I can perform the setup with slapd.conf (as noted in the admin guide), I was hoping to practice some useful technique I could use in the future.

So again thanks, but if it doesn't work out for me, perhaps I read on one of the last pages "check out 389 or ApacheDS instead".


Avast logo

This email has been checked for viruses by Avast antivirus software.