Radovan Semancik wrote:
Hi,
The "cn=config" configuration method is clearly superior. However, there are serious practical issues. Firstly, the documentation leaves a lot to be desired. Until recently almost all examples shown the slapd.conf way, cn=config equivalent was simply missing. Unless I have missed something most manual pages still assume the slapd.conf configuration method. And so on.
These perennial arguments keep coming up. If you want things to improve, contribute. Anyone can write a manpage. Hardly anyone ever does. Everyone sits back and moans while waiting for someone else to fix things for them. That's not what open source projects and communities are about.
Secondly, there are operations that simply cannot be done using ldpamodify in cn=config (e.g. removal of a suffix database). And thirdly and most importantly: it is a real pain to remember the configuration schema and write a multi-line ldapmodify command-line even for simple operations.
In most cases you don't need to write multi-line ldapmodify commands. That's what ordering prefixes are for.
Especially given that you have to translate suffix names (dc=example,dc=com) to configuration DNs (olcDatabase={1}mdb,cn=config), set up non-trivial configuration (e.g. replication) and so on. The cn=config method may be superior. But it is not user friendly. Not even close.
But, OpenLDAP is an open source project. If there is something that a user does not like then there is always something that can be done about it. For example, I like cn=config, but I hate the lack of tooling. Therefore I have created the missing tools:
Again, if you want the project to improve - contribute. 3rd party tooling dilutes the knowledge pool. If you think you've improved some aspect of the code, contribute it back to the Project.