--On Friday, September 15, 2017 12:49 AM +0200 Michael Ströder michael@stroeder.com wrote:
Personally I strongly prefer static configuration because it's so much easier to control it with the usual idempotent config management techniques (puppet, ansible, etc.) which you need for the rest of the system anyway.
Those are all systems designed to manage flat file configurations. cn=config is not a flat file configuration, so it makes sense they're fairly useless when confronted with a concept that's significantly more forward thinking.
I'd even state that it's a strong plus of OpenLDAP compared to other LDAP server implementations to still provide this configuration method.
I think it's a strong plus to be able to reconfigure a standalone server into an MMR cluster with zero downtime, along with other critical configuration bits, such as deploying new schema, additional overlays, etc. Being able to fully automate deployments w/o requiring restarts was an exceptional win for me.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com