I'm curious if the tactics described in this thread are currently sufficient:
http://www.openldap.org/lists/openldap-software/200608/msg00152.html
The thread overall suggests the tried-and-true tactic of using slapcat to extract and LDIF file, to be imported later. But, our application's DB if large enough that reimportation is prohibitive.
We're using OpenLDAP 2.3.43 under CentOS 5.7.
What we're doing currently is:
- stopping slapd - using db_checkpoint and db_archive to manage the BDB logs - copy away the directory - restart slapd
This results in a window of time during which the LDAP server is not available.
My hope was that my managing the olcReadOnly attribute via the config database (or as that cited message in the thread suggests, use the monitor database), we could perform those middle two steps while leaving a RO server in place.
Is that feasible? Recommended?