[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Olc deployment vs slapd.conf based deployment
- To: Radovan Semancik <radovan.semancik@evolveum.com>, openldap-technical@openldap.org
- Subject: Re: Olc deployment vs slapd.conf based deployment
- From: Howard Chu <hyc@symas.com>
- Date: Mon, 18 Sep 2017 13:44:11 +0100
- In-reply-to: <WM!3fb2737abcf7ce658a2017237acce334aff67bc1b6f36234483c863f1f6b0780401faf87184181aa4bd7d7390143e9ca!@mailstronghold-2.zmailcloud.com>
- References: <CALm_VjikYjnYEcrfKXYjm8AFt0VQ7EV1crGX=tXst3-RUbr7fQ@mail.gmail.com> <WM!5ccf6f006a0b3aa9abfbc3f9c9be3eb021708e582b17a98c6ed49d59b8e29485947e7650 daf5ed804e3554164491fa2d!@mailstronghold-1.zmailcloud.com> <78567B9241600A3CA0EAC7A6@[192.168.1.30]> <b9e230a5-1dc0-b01f-ae4d-d23e0cd21d3e@stroeder.com> <b7d93005-3de5-5b9a-630e-d93510bd9b44@ironicdesign.com> <WM!c441031e673082de9904bb70fc818ffda9b9f7dd5392e09c37cc5ccb7332246257b6daf5a456f233f94aa06df0aea0f3!@mailstronghold-1.zmailcloud.com> <77336596566E63C254BF34B5@[192.168.1.30]> <3508b356-63a5-f91d-6ba3-d885a2ff0529@evolveum.com> <WM!3fb2737abcf7ce658a2017237acce334aff67bc1b6f36234483c863f1f6b0780401faf87184181aa4bd7d7390143e9ca!@mailstronghold-2.zmailcloud.com>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0 SeaMonkey/2.53a1
Radovan Semancik wrote:
Hi,
The "cn=config" configuration method is clearly superior. However, there are
serious practical issues. Firstly, the documentation leaves a lot to be
desired. Until recently almost all examples shown the slapd.conf way,
cn=config equivalent was simply missing. Unless I have missed something most
manual pages still assume the slapd.conf configuration method. And so on.
These perennial arguments keep coming up. If you want things to improve,
contribute. Anyone can write a manpage. Hardly anyone ever does. Everyone sits
back and moans while waiting for someone else to fix things for them. That's
not what open source projects and communities are about.
Secondly, there are operations that simply cannot be done using ldpamodify in
cn=config (e.g. removal of a suffix database). And thirdly and most
importantly: it is a real pain to remember the configuration schema and write
a multi-line ldapmodify command-line even for simple operations.
In most cases you don't need to write multi-line ldapmodify commands. That's
what ordering prefixes are for.
Especially
given that you have to translate suffix names (dc=example,dc=com) to
configuration DNs (olcDatabase={1}mdb,cn=config), set up non-trivial
configuration (e.g. replication) and so on. The cn=config method may be
superior. But it is not user friendly. Not even close.
But, OpenLDAP is an open source project. If there is something that a user
does not like then there is always something that can be done about it. For
example, I like cn=config, but I hate the lack of tooling. Therefore I have
created the missing tools:
https://github.com/Evolveum/slapdconf
Again, if you want the project to improve - contribute. 3rd party tooling
dilutes the knowledge pool. If you think you've improved some aspect of the
code, contribute it back to the Project.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/