I am in the process of rebuilding our ldap servers that are many years old to run on RH5. I basically took the existing slapd.conf file from the old server and am using it on the new server (minor changes). I did a slapcat on the old server, modified the schema a little and did a slapadd on the new. Systems seem to be able to authenticate against the new test server and things seem to function corretly. For now, the db backend is ldbm. It has the following index statements:
index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial
I'm unclear of when and if it is required to run slapindex on the new server. Is this something that should be done after slapadd and should it be done on a regular basis? I assume you should stop slapd when this is run.
Am Wed, 02 Feb 2011 09:49:04 -0700 schrieb ldap@mm.st:
I am in the process of rebuilding our ldap servers that are many years old to run on RH5. I basically took the existing slapd.conf file from the old server and am using it on the new server (minor changes). I did a slapcat on the old server, modified the schema a little and did a slapadd on the new. Systems seem to be able to authenticate against the new test server and things seem to function corretly. For now, the db backend is ldbm. It has the following index statements:
index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial
I'm unclear of when and if it is required to run slapindex on the new server. Is this something that should be done after slapadd and should it be done on a regular basis? I assume you should stop slapd when this is run.
As you did a slapadd and slapadd read index statements from slapd.conf there is no need to slapindex the database. But the ldbm backend worries me, as it is deprecated for ages already, that means you are still running an outdated openldap version.
-Dieter
n Wed, 02 Feb 2011 19:33 +0100, "Dieter Kluenter" dieter@dkluenter.de wrote:
Am Wed, 02 Feb 2011 09:49:04 -0700 schrieb ldap@mm">ldap@mm.st:
I am in the process of rebuilding our ldap servers that are many years old to run on RH5. I basically took the existing slapd.conf file from the old server and am using it on the new server (minor changes). I did a slapcat on the old server, modified the schema a little and did a slapadd on the new. Systems seem to be able to authenticate against the new test server and things seem to function corretly. For now, the db backend is ldbm. It has the following index statements:
index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial
I'm unclear of when and if it is required to run slapindex on the new server. Is this something that should be done after slapadd and should it be done on a regular basis? I assume you should stop slapd when this is run.
As you did a slapadd and slapadd read index statements from slapd.conf there is no need to slapindex the database. But the ldbm backend worries me, as it is deprecated for ages already, that means you are still running an outdated openldap version.
-Dieter
-- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
Yes, I guess we should move to bdm. Seems like a lot of configuration and tuning, which I'm not up on at the moment.
As far as slapindex, is it only necessary to run it if you add to the index directives? For instance, add uniqueMember to the line below:
index objectClass,uid,uidNumber,gidNumber,memberUid eq
Then stop slapd and run slapindex.
Am Wed, 02 Feb 2011 12:48:41 -0700 schrieb ldap@mm.st:
n Wed, 02 Feb 2011 19:33 +0100, "Dieter Kluenter" dieter@dkluenter.de wrote:
Am Wed, 02 Feb 2011 09:49:04 -0700 schrieb ldap@mm">ldap@mm.st:
I am in the process of rebuilding our ldap servers that are many years old to run on RH5. I basically took the existing slapd.conf file from the old server and am using it on the new server (minor changes). I did a slapcat on the old server, modified the schema a little and did a slapadd on the new. Systems seem to be able to authenticate against the new test server and things seem to function corretly. For now, the db backend is ldbm. It has the following index statements:
index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial
I'm unclear of when and if it is required to run slapindex on the new server. Is this something that should be done after slapadd and should it be done on a regular basis? I assume you should stop slapd when this is run.
As you did a slapadd and slapadd read index statements from slapd.conf there is no need to slapindex the database. But the ldbm backend worries me, as it is deprecated for ages already, that means you are still running an outdated openldap version.
[...]
Yes, I guess we should move to bdm. Seems like a lot of configuration and tuning, which I'm not up on at the moment.
This is quite simple, man slapd-bdb(5), and http://www.openldap.org/doc/admin24/slapdconfig.html#BDB%20and%20HDB%20Datab...
As far as slapindex, is it only necessary to run it if you add to the index directives? For instance, add uniqueMember to the line below:
index objectClass,uid,uidNumber,gidNumber,memberUid eq
Then stop slapd and run slapindex.
that's right.
-Dieter
openldap-technical@openldap.org
-
Dieter Kluenter -
ldap@mm.st