Hello,
We've inherited an N-way multi-master setup (based on CentOS OpenLDAP v. 2.4.39) which was setup with text conf in slapd.conf instead of online configuration in cn=config.
Due to various dependencies from other internal systems we can't migrate to online configuration quickly, but we to urgently have to add an additional schema to our cluster. My Google-fu and wading through the openldap list archives was unsuccessful.
I suppose that adding a new schema to such a setup would require the following steps:
1. stop all instances in the cluster 2. add schema to all instances to /etc/openldap/schema 3. start all instances in the cluster
Would this be the correct approach or is there something else I should be aware of?
Regards, Martin Božič
--On Wednesday, October 10, 2018 9:32 AM +0200 Martin Božič martin.bozic@arnes.si wrote:
Hello,
We've inherited an N-way multi-master setup (based on CentOS OpenLDAP v. 2.4.39) which was setup with text conf in slapd.conf instead of online configuration in cn=config.
Due to various dependencies from other internal systems we can't migrate to online configuration quickly, but we to urgently have to add an additional schema to our cluster. My Google-fu and wading through the openldap list archives was unsuccessful.
I suppose that adding a new schema to such a setup would require the following steps:
- stop all instances in the cluster
- add schema to all instances to /etc/openldap/schema
- start all instances in the cluster
Would this be the correct approach or is there something else I should be aware of?
You have to modify the slapd.conf file to add an include statement for each schema file you want it to load.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
You will probably need to edit your slapd.conf file too. i.e. add a line like:
include /usr/local/etc/openldap/schema/kerberos.schema
before restarting slapd
On Oct 9, 2018, at 11:32 PM, Martin Božič martin.bozic@arnes.si wrote:
Hello,
We've inherited an N-way multi-master setup (based on CentOS OpenLDAP v. 2.4.39) which was setup with text conf in slapd.conf instead of online configuration in cn=config.
Due to various dependencies from other internal systems we can't migrate to online configuration quickly, but we to urgently have to add an additional schema to our cluster. My Google-fu and wading through the openldap list archives was unsuccessful.
I suppose that adding a new schema to such a setup would require the following steps:
- stop all instances in the cluster
- add schema to all instances to /etc/openldap/schema
- start all instances in the cluster
Would this be the correct approach or is there something else I should be aware of?
Regards, Martin Božič
On 10/10/18 8:32 AM, Martin Božič wrote:
We've inherited an N-way multi-master setup (based on CentOS OpenLDAP v. 2.4.39) which was setup with text conf in slapd.conf instead of online configuration in cn=config.
slapd.conf is still fine and will even be supported in 2.5.
I suppose that adding a new schema to such a setup would require the following steps:
- stop all instances in the cluster
- add schema to all instances to /etc/openldap/schema
- start all instances in the cluster
If you're just adding *new* schema you can do this one-by-one, as long as you don't add data requiring the new schema to any of the MMR providers. So you could avoid the down-time with some extra caution. After installing the new schema to all MMR providers you can add data using the new schema.
Just add this line to slapd.conf:
include /path/to/additional.schema
Note:
The new schema file (which one?) might require other schema files to be loaded before. So probably add the include statement *after* all the other schema-include statements.
If the new schema also contains a change to *existing* schema for already *existing* data you might also have to reload the database.
Ciao, Michael.
openldap-technical@openldap.org
-
Martin Božič -
Michael Ströder -
Quanah Gibson-Mount -
Scott Classen