Am Thu, 15 Sep 2016 15:12:16 +0200 schrieb "Ralf Mattes" r.mattes@mh-freiburg.de:
First, juat to be clear: thank you for your valuable help and please don't take my comments personally.
Am Donnerstag, 15. September 2016 09:46 CEST, Dieter Klünter dieter@dkluenter.de schrieb:
I _knew_ I read about that at some time. This (slapd-relay) looks exactly like what I need. Unfortunately this means I need to to dive down into the labyrinth of (not existing) dosumentation.
Just read manual pages slapd-relay(5) and slapo-rwm(5) that is all the documentation you should need.
That's how it should be, but in reality:
- non of the documentation even mentions the "new" live
configuration. Ironically, every time someone postsher/his old-style slapd configuration on this very list she/he's told "use the online configuration".
Oh, and changing from the old style configuration to the new oneis _not_ just an "add 'olc' in front of the parameters". For example I can't find the rwm-suffixmassage parameter in the olc-Attributes.
- The documentation fails to mention some rather important
prerequisits: the need to load 'back_relay', the need to load 'rwm'.
- The documentation really should mention that a (miss-)configured
database can't be removed from the server. Better get it right the first time ... :-)
- While looking for more information I found out that the
documentation in the manpage (slapd-relay(5)) is _not_ the same as the documentation in the source code:
.../openldap-2.4.44/servers/slapd/back-relay/READMEmentions a "mapping" keyword that isn't mentioned in the manpage. Oh, and no mention of the olc-variants either.
BTW, the olcRelay attribute seems to be defined with the OMsDN syntax which seems to prevent Apache Directory Studio to edit this value to add the "mapping" keyword.
O.k. enough ranting and on with configuration.
That's why i still use slapd.conf for intial setup, and after final configuration transform slapd.conf into config database. slaptest -f /path/to/file -F path/to/directory, directory is most likely /etc/openldap/slapd.d
-Dieter