--On Monday, May 21, 2012 4:09 PM -0400 Bobby Krupczak <[email protected]>
wrote:
Hi!
OpenLDAP's dynamic configuration mechanism was released in 2005. It
does not change every other release. It's not our fault if your
distro is so behind the times.
Interesting. My machine is admittedly a little out of date but given
how much fun it is to upgrade these various services, you have all
grant me just a tiny amount of slack. The old machine is running
openldap 2.3.30 circa 2007.
Also, if the new config format has been out that long, I'm kinda
surprised that the config conversion has been so hard.
Conversion is not difficult at all. You use the slaptest utility to
convert a conf file to cn=config. That is a single command. It would be
hard to get any simpler than that.
I believe the majority of your issues stem from using your distributions
build. For example, you are using Fedora. Fedora links OpenLDAP to NSS
rather than the standardized OpenSSL. That NSS support was written by
RedHat, and has had a large number of issues, which are still in the
process of being resolved. If you were to follow my advice, and build your
own OpenLDAP, linked to the industry standard OpenSSL, a large number of
the problems you have encountered would simply go away.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
