On Wed, Apr 20, 2011 at 1:33 PM, Simone Piccardi <piccardi(a)truelite.it> wrote:
On 20/04/2011 17:42, Jose Ildefonso Camargo Tolosa wrote:
>> Modern OpenLDAP does not use slapd.conf. Please read the OpenLDAP Admin
> Quanah: actually, documentation is not yet complete for cn=config, I
> had to actually convert my slapd.conf to cn=config using slaptest in
> order to find out how to do the same I had on slapd.conf on cn=config.
That's the way I'm using it. And I suggest to anyone not needing to modify
configurations on the fly to use it that way.
Because apart the missing documentation, I found difficult having to deal
with the obscure attribute names and the complex directory structure (and
the not so explicative file names used under it) that I found in
Well, I actually got used to cn=config pretty quickly, nevertheless, I
still find easier to understand and modify the slapd.conf file than
the directory structure under slapd.d... it is definitely more complex
(and I don't think it is easier to modify using a LDAP administration
The "cn=config" replication suggested on the docs becomes useless when
you need to use TLS, because, AFAIK, we don't have a way of having
different TLS parameters for each replica (and, on a multi-master
setup, you will likely have different servers, with different names,
and thus: different SSL certificate).
I understand the needs for cn=config, but for the moment I don't need it.
Having a file with a simple syntax that I can read and modify instead of a
tree of LDIF files is far more convenient for me. So I hope that slapd.conf
will remain supported.
+1, we shouldn't drop slapd.conf file.
Simone Piccardi Truelite Srl
piccardi(a)truelite.it (email/jabber) Via Monferrato, 6
Tel. +39-347-1032433 50142 Firenze
Tel. +39-055-7879597 Fax. +39-055-7333336