Hi everyone,
SUMMARY :
IN A DAY TO DAY ADMINISTRATION, SHOULD I EDIT SLAPD.CONF AND USE SLAPTEST TO TRANSLATE INTO SLAPD.D STYLE OR SHOULD I EDIT DIRECTLY FILES IN SLAPD.D AND DEFINITIVELY REMOVE THE SLAPD.CONF FILE ?
IN THE FORMER CASE, IS THERE A DOCUMENTATION THAT DOESN'T MIX SLAPD.CONF WITH SLAPD.D STYLE (I'm a bit confused with examples I find to be honnest).
Additional info about my question :
I just start with ldap and I want to deploy an internal ldap directory that will be used for various application (authentication, information about staff in the company, etc). We are fresh, therefore we start "from scratch".
I'm playing with tan openldap server 2.4 installed on a fedora.
The documentation about the slapd configuration file(s) is not quite clear to me : I find information about how to configure the server by editing "slapd.conf", and at the same time this documentation says that this file is obsolete and configuration files should now now be stored in "slapd.d" directory.
I have managed to edit a correct slapd.conf file and I translated it to a slapd.d style using slaptest utility : slapd is runing and I can query my directory... ok !
But could some tell me what is the PROPER way to now maintain and admininistrate an operational openldap directory : slapd.conf or slapd.d style ?
THANKS FOR YOUR HELP !
--- Olivier
On Mon, Apr 18, 2011 at 10:50 AM, Olivier ldap@guillard.nom.fr wrote:
Hi everyone,
SUMMARY :
IN A DAY TO DAY ADMINISTRATION, SHOULD I EDIT SLAPD.CONF AND USE SLAPTEST TO TRANSLATE INTO SLAPD.D STYLE OR SHOULD I EDIT DIRECTLY FILES IN SLAPD.D AND DEFINITIVELY REMOVE THE SLAPD.CONF FILE ?
IN THE FORMER CASE, IS THERE A DOCUMENTATION THAT DOESN'T MIX SLAPD.CONF WITH SLAPD.D STYLE (I'm a bit confused with examples I find to be honnest).
Additional info about my question :
I just start with ldap and I want to deploy an internal ldap directory that will be used for various application (authentication, information about staff in the company, etc). We are fresh, therefore we start "from scratch".
I'm playing with tan openldap server 2.4 installed on a fedora.
The documentation about the slapd configuration file(s) is not quite clear to me : I find information about how to configure the server by editing "slapd.conf", and at the same time this documentation says that this file is obsolete and configuration files should now now be stored in "slapd.d" directory.
I have managed to edit a correct slapd.conf file and I translated it to a slapd.d style using slaptest utility : slapd is runing and I can query my directory... ok !
But could some tell me what is the PROPER way to now maintain and admininistrate an operational openldap directory : slapd.conf or slapd.d style ?
From what I have read, the slapd.conf file is going away, so you should use ldifs instead. Also, most of the stuff you would have setup in slapd.conf (backend stuff like ACLs) should not change during day-to-day operations (frontend stuff like users, groups, and machine accounts). In any case, both backend and frontend stuff can be edited using ldapadd/ldapmodify/etc while server is up and running.
That is AFAIK, of course. Which means I could be horribly wrong.
THANKS FOR YOUR HELP !
Olivier
openldap-technical@openldap.org
-
Marc Patermann -
Mauricio Tavares -
Olivier