Hello,
I have a general LDAP question: I would like to use LDAP as a configuration store for my applications. Each application gets its own object schema, since then the number of properties is deterministic.
Since a number of developers are involved, I try to generate the schema definition from a Ruby DSL. I am now thinking about what happens to existing entries in the DIT if the OIDs or names of the attribute definitions have changed? Are they invalid after LDAP server restart? Would you recommend not renaming any elements in the schema?
I have seen that the attributes on existing entries disappeared if I change the name in the schema.
Regards,
Thilko
Thilko Richter wrote:
> I am now thinking about what happens to existing entries in the DIT if the OIDs or names of the attribute definitions have changed? Are they invalid after LDAP server restart?
This cannot be answered in general. LDAP server and client implementations differ regarding schema changes.
Some aspects:
Strictly speaking one should change the OID if the semantics of a schema description changed.
Except for some really schema-aware clients (like my web2ldap), most client implementations don't care about OIDs at all. They handle attributes by NAME. => IMO you should also change the NAME in case of changed semantics if already lots of client applications use the old attribute type NAME and you cannot change them at once.
With OpenLDAP a change of the OID of an attribute type has *currently* no effect on existing entries. If you plan to change NAME in an attribute type description you have to export the data (slapcat), sanitize the affected entries (by processing the whole LDIF data) and re-import the data (slapadd).
> Would you recommend not renaming any elements in the schema?
Yes, if already many applications have hard-coded the use of the attributes.
> I have seen that the attributes on existing entries disappeared if I change the name in the schema.
Which server? Which client? Hard to tell what you observed without further information.
Ciao, Michael.
openldap-technical@openldap.org
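The "sanitize the affected entries" step between slapcat and slapadd described in the reply, sketched as an added example that is not code from the thread or from OpenLDAP. The attribute names `appPort` and `listenPort` and the sample entry are hypothetical; the filter rewrites attribute lines (including options such as `;x-test`) and the entry's own DN, plain or base64, but not DN-valued attributes that point at renamed entries.

```ruby
require "base64"

# Constructed sample in slapcat style; note the DN is folded (RFC 2849
# continuation line starting with one space) in the middle of a value.
SAMPLE_LDIF = <<~LDIF
  dn: appPort=8080,ou=my
   app,dc=example,dc=com
  objectClass: myAppConfig
  appPort: 8080
  appPortDescription: listener
  APPPORT;x-test: 1
LDIF

# Rename the attribute type inside RDNs. A separator preceded by a
# backslash is treated as part of a value; a value ending in an escaped
# backslash is therefore skipped rather than rewritten wrongly.
def rename_attr_in_dn(dn, old, new)
  dn.gsub(/((?:\A|(?<!\\)[,+])\s*)#{Regexp.escape(old)}(?=\s*=)/i) { "#{$1}#{new}" }
end

# Rename attribute type OLD to NEW in LDIF text. Attribute types are
# matched case-insensitively and only as a whole name (followed by ';'
# for options or ':' for the value), so appPortDescription is untouched.
def rename_attr_in_ldif(ldif, old, new)
  attr_re = /\A#{Regexp.escape(old)}(?=[;:])/i
  unfolded = ldif.gsub(/\r?\n /, "") # join continuation lines first
  unfolded.each_line.map do |line|
    case line
    when /\A#/ then line # comment line
    when /\Adn:: *(\S+)/i # base64-encoded DN
      dn = Base64.decode64($1).force_encoding("UTF-8")
      "dn:: #{Base64.strict_encode64(rename_attr_in_dn(dn, old, new))}\n"
    when /\Adn: *(.*)$/i
      "dn: #{rename_attr_in_dn($1, old, new)}\n"
    else
      line.sub(attr_re, new)
    end
  end.join
end

puts rename_attr_in_ldif(SAMPLE_LDIF, "appPort", "listenPort") if $PROGRAM_NAME == __FILE__
```

The output is written unfolded, one attribute per line. Load the renamed schema definition before re-importing, and diff the export against the filtered file to confirm that only the intended lines changed.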