[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Installation openLDAP in Debian



On Wed, Apr 20, 2011 at 4:18 PM, Howard Chu <hyc@symas.com> wrote:
> Jose Ildefonso Camargo Tolosa wrote:
>>
>> On Wed, Apr 20, 2011 at 2:53 PM, Howard Chu<hyc@symas.com>  wrote:
>>>
>>> The tree of files is not meant for you to ever look at or modify
>>> directly.
>>> Just use slapcat or ldapsearch. If you know anything about LDAP at all
>>> this
>>> is MUCH easier than editing flat text files, since you can use any LDAP
>>> tool
>>> (commandline or GUI) to do all the administration.
>>
>> I don't find complex to directly modify the files, actually, I find it
>> easier than having to write a ldif modification script every time I
>> need to apply a change! I just go ahead and edit the corresponding
>> ldif file on slapd.d
>
> You are editing the backing store of a slapd internal database. If slapd is
> running while you're doing this, you will probably corrupt the database.
> Even if slapd is not running, you'll probably corrupt the database.

Ok, I'll fall for this: how in the world can I corrupt a text (ldif)
file? I have done that for quite some time, and I have never had a
single issue with it.  Off course, I need to restart slapd to make it
use my changes, but it is not big deal on my environment (for other
environments, you can use ldapmodify (or similar) and make changes on
the fly).

Btw, how does OpenLDAP currently handles when you do a really bad
change to openldap parameter via ldapmodify?  if I edit the ldif files
(on slapd.d), I can actually use slaptest to validate it, before I
restart the daemon.