It is clear from the man slapo-sssvlv(5) page that when slapd.conf is being used, the options should appear after the overlay directive. Even I got this. Where those options should go when cn=config is used? I do not understand it from the man page. Is this something to be specified using ldapmodify?
You need to use ldapadd with ldif like this:
dn: olcOverlay=sssvlv,olcDatabase={1}bdb,cn=config objectClass: olcSssVlvConfig olcOverlay: sssvlv olcSssVlvMax: 10 olcSssVlvMaxKeys: 5
something like
ldapadd -x -w <password> -D cn=config -f <ldif file>
Thank you Chris,
This is exactly what I needed. Should I put the leif file into the /etc/ldap/slapd.d/cn=config/cn=schema directory or /etc/ldap/slapd.d/cn=config/ directory? What is the recommended place? [I see that -D is to specify binddn, yet I am not sure whether LDIF should go there. Sorry for being stupid.]
Don't update anything under /etc/ldap/slapd.d/cn=config by hand!
The configuration is held in an LDAP directory with suffix cn=config, and you add stuff to it in exactly the same way as any other LDAP directory, using ldapadd, ldapmodify etc.
The fact that you can see files under /etc/ldap/slapd.d/cn=config is just an artifact of the implementation of the cn=config db in openldap, and I believe it is planned to change the implementation in the future.
Where should I put the ldif file, then?
It doesn't matter where, it's just a source file. The ldapadd utility will send the ldif to the LDAP server, and the LDAP server will update the cn=config directory.
Chris