[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: quick-start guide out-of-date



On Wed, Oct 20, 2010 at 7:54 AM, Buchan Milne
<bgmilne@staff.telkomsa.net> wrote:
> Assuming you didn't install from source, consult whoever provided you with
> OpenLDAP without a slapd.conf.

I'm guessing that's Canonical; the slapd package shipped for Ubuntu
has no slapd.conf, just a slapd.d/cn=config tree.  Maybe they jumped
the gun a bit, but I've seen lots of (at least unofficial) mentions
that the slapd.conf style is outdated and back-config is the way to
go.  Which makes using slapd.conf for a brand new installation feel
unwise.  Old-fashioned, at best.  I seem to recall reading as much in
the documentation somewhere, too, but I won't swear to it.

However, the new hotness is not, as far as I can tell,
well-documented.  Things like slapd-ldap(5)'s CONFIGURATION section
say absolutely nothing about back-config; I had to read the source
code to find the mapping from configuration parameters (like
"acl-authcDN") to LDAP attributes (like "olcDbACLAuthcDN").  So,
currently, it seems the easiest way to create a back-config is to
write a slapd.conf and then convert it with slaptest.

All of which is bound to leave the beginning openldap admin a tiny bit
confused.   What's considered best practice right now for new
installs?

-- 
Mark J. Reed <markjreed@gmail.com>