--On Monday, February 09, 2009 5:40 PM +0000 Andrew Hall
2009/2/9 Quanah Gibson-Mount <quanah(a)zimbra.com>:
> I'm not sure why you feel it is necessary to set the server read-only
> before you run slapcat anyway.
It was purely in relation to point 18.1.2 in this doc...
"Slapcat can be run while slapd is active. However, one runs the risk
of an inconsistent database- not from the point of slapd, but from the
point of the applications using LDAP. For example, if a provisioning
application performed tasks that consisted of several LDAP operations,
and the slapcat took place concurrently with those operations, then
there might be inconsistencies in the LDAP database from the point of
view of that provisioning application and applications that depended
on it. One must, therefore, be convinced something like that won't
happen. One way to do that would be to put the database in read-only
mode while performing the slapcat."
Right, and this only becomes an issue if you later restore from that
slapcat, and you have no way to deal with this in your provisioning system.
And at that point, you're fairly screwed anyway, because if you can't
handle going from point A -> point B in your provisioning system, you'll
never get your LDAP servers consistent with it anyway.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration