Hi!

I used to dump the OpenLDAP databases using slapcat (as suggested for backup). As an optimization I avoid storing identical databases. However I had seen changes that actually were not made, so my question:

Is slapcat expected to be stable, i.e. report entries and attributes in a specific ordering? Is slapadd expected to be stable, i.e. add entries and attributes the same way when they come from the same LDIF file?

I had just removed the entryCSN on cn=config, and I see differences after removing and rebuilding the config database that were not made in the LDIF file:

--- /tmp/1 2013-07-12 14:49:35.000000000 +0200 +++ /tmp/2 2013-07-12 14:49:35.000000000 +0200 @@ -4,6 +4,10 @@ olcArgsFile: /var/run/slapd/slapd.args olcAuthzRegexp: {0}gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth dn :cn=config +olcLogLevel: config +olcLogLevel: stats +olcLogLevel: sync +olcLogLevel: none olcPidFile: /var/run/slapd/slapd.pid olcServerID: 1 ldap://rksapds1.site olcServerID: 2 ldap://rksapds2.site @@ -19,10 +23,6 @@ entryUUID: db3f4d44-7c0e-1032-81c4-d54356bd918f creatorsName: cn=config createTimestamp: 20130708113956Z -olcLogLevel: config -olcLogLevel: stats -olcLogLevel: sync -olcLogLevel: none entryCSN: 20130712095650.995134Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20130712095650Z @@ -2152,12 +2152,12 @@ dn: olcDatabase={2}monitor,cn=config objectClass: olcDatabaseConfig olcDatabase: {2}monitor +olcAccess: {0}to dn.subtree="cn=monitor" by dn.base="cn=Admin,dc=censored + ,dc=uni-regensburg,dc=de" write by users read by * none structuralObjectClass: olcDatabaseConfig entryUUID: 20f4a254-7f1a-1032-9c35-67ae7acd0417 creatorsName: cn=config createTimestamp: 20130712083810Z -olcAccess: {0}to dn.subtree="cn=monitor" by dn.base="cn=Admin,dc=censored - ,dc=uni-regensburg,dc=de" write by users read by * none entryCSN: 20130712085712.643156Z#000000#000#000000 modifiersName: cn=config modifyTimestamp: 20130712085712Z

Regards, Ulrich