On 11/15/23 1:58 PM, Ben Poliakoff wrote:
This is more of a practical question than a technical one, but it's prompted by a technical change: I'm *very* **very** belatedly transitioning from flat file slapd.conf config to slapd.d/OLC.
With flat file configuration, it was straightforward to include text comments (e.g. "# blah blah"), but as far as I know there isn't any sort of analog for comments, when using slapd.d. Looking for any tips about how best to annotate slapd configuration, in a slapd.d/olc world. Does anyone have a practice that they find works well for them? Do people just maintain separate documents/wiki pages/etc that describe their servers' configs?
Ben
having jumped into LDAP after the switch to OLC started, i dove into the OLC configs and really tried to learn how the new mechanism worked. i like the benefit of the online updates where changes to the instance occur without having to stop/start. i use fedora, and it includes the file /usr/share/openldap-servers/slapd.ldif which serves as a base config example, with comments in it. i have modified that and then added its contents via slapadd or ldapadd.
as a jumping off point, you might look at "slaptest -f <flat slapd.conf file> -F <slapd.d dir>". this will actually convert from old to new format and may offer an opportunity to see what you flat config would look like in OLC format.
when i wanted to add new object, entries, etc, i often create a purposefully named ldif file, and add the syntax to it that is needed for the specific purpose. i have a myriad of files named according to what the action is or the function of the ldif file is, like CacheModule.ldif and CacheOverlay.ldif. this helps me compartmentalize the configs and not be overwhelmed with everything else going on.
i have found the phpLDAPAdmin project, which provides a browser based admin UI, to be invaluable. getting past the syntax of LDAP allows me to be focused on what i need to do, and not how i need to do it, though you do still need to have proper structure in the syntax you're working with.
HTH
brendan