From: Ulrich Windl Sent: Wednesday, May 14, 2014 11:13 PM
Well if you want to sync your configuration with LDAP means, the LDAP representation (as well as DIT metadata) makes sense.
Yes, if you eat LDAP for breakfast, lunch, and dinner, dream about LDAP, and don't really work with anything else, then the LDAP-based configuration is probably great for you. If you manage dozens of other services for which you already have a well developed and flexible framework for managing configuration files, perhaps not so much.
with no luck. Why on earth would I spend the amount of time and effort
it
would take to implement flat text config file based dynamic reconfiguration when I can't even get engagement on what will likely be a five line
diff? On
If you see the server as an island, modifications are trivial, but if the
server is
part of an infrastructure, any change may break other parts of the infrastructure.
I'm not quite sure what you're addressing with this remark? Implementing flat text config file reconfiguration? The five line diff for increasing the granularity of the authentication failure attribute for the password policy module? Something else?
At that point one might argue that implementinc two mechanisms for the same thing is one too much, maybe.
Possibly. But assuming the "convert slapd.conf into LDIF" functionality isn't going away, then flat text config file reconfiguration would really be only a layer on top of that and the existing LDIF dynamic reconfiguration implementation.