On 11-06-29 12:28 PM, Mark Cave-Ayland wrote:
On 29/06/11 16:50, Simone Piccardi wrote:
> I think that putting the cn=config backend in some other directory
> instead of /etc/ldap/slapd.d (that's for Debian, don't know for other
> distributions) could help a lot.
> Most sysadmin expect to find text configuration files under /etc, not a
> kind of testual DB. I already filed a bug for Debian because that choice
> is like looking for trouble.
> Having it in a binary format could be even better, so people will not
> mislead thinking they are some kind of split configuration files.
Hmmm - that's an interesting thought. It probably should be under
/var/lib/slapd-config or similar as it is effectively a database
rather than a configuration file.
My understanding is that touching the files in /etc/ldap/slapd.d is a
definite no-no once the LDAP directory has been initialised, which is
why I'm interested in Howard showing us his workflow for working on
schemas so I can document it.
Question is why the /etc/openldap/slapd.d file structure is there for
users to edit in the first place? Wouldn't it be even more misleading if
the running one is modified on the fly while the one in slapd.d/ is not?
A bunch of online tutorials and howtos are actually asking people to
touch those files, such as cn=config file at least for initial setup.