Karsten Heymann wrote:
just an unfinished thought, but one important point seems to be that it's not easily possible to compare the current configuration state when using back-config with a defined config state stored in a configuration. Shouldn't ldapdiff (https://launchpad.net/ldapdiff) be able to do this (compare the state of cn=config with a known config state managed in a central repository)?
I will write a decent ldapdiff within 15 min. myself. But reliably applying the config is the real problem if you think it to the end. And basically you'll end up doing the very same like maintaining a static configuration file.
The possibility of static configuration (with comments) is a big plus of OpenLDAP compared to other LDAP servers.
Ciao, Michael.