I'm having a few issues wrapping my head around how schemas should be
implemented.
If I do a default install of openldap (2.4.23) on CentOS 6 the following
schemas are automatically included:
cn={0}corba.ldif
cn={1}core.ldif
cn={2}cosine.ldif
cn={3}duaconf.ldif
cn={4}dyngroup.ldif
cn={5}inetorgperson.ldif
cn={6}java.ldif
cn={7}misc.ldif
cn={8}nis.ldif
cn={9}openldap.ldif
cn={10}ppolicy.ldif
cn={11}collective.ldif
I assume this is done because it allows for a fairly flexible directory
that Just Works for nearly everyone.
However, many of these schemas contain attributes that I do not use; in
fact, I can cut down the list of schemas that contain attributes I
knowingly use to the following list:
cn={0}core.ldif
cn={1}cosine.ldif
cn={2}inetorgperson.ldif
cn={3}nis.ldif
cn={4}customschema.ldif
My issue is that I am not sure if there is any benefit to removing the
unused schemas (i.e. I could have just added my customschema as
cn={12}customschema.ldif to the default install but I was worried there
would be a performance penalty or security issue with including the
unused schemas).
Is it advisable to remove unused schemas? Does including unused schemas
result in any sort of performance penalty (e.g. while booting or when
doing searches)?
If I want to use syncrepl to replicate my data do I have to have the
exact same list of schemas in the same order on the consumer (i.e. does
the number in the curly braces matter)? If I add a schema to a consumer
does it have to be added to the provider as well even if the attributes
it contains are unused?