> On Mar 9, 2021, at 00:46, Michael Ströder <[email protected]> wrote:
>
> On 3/8/21 11:17 PM, Quanah Gibson-Mount wrote:
>> There's no downsides to enabling schema checking on the consumers.
>
> AFAICT schema checking cannot be disabled for slapd in general. Not sure
> since which version the schemacheck directive was dropped. I guess since
> 2.4.x.
>
> So schema checking can only be disabled with "schemachecking=off" within
> syncrepl directive. slapd.conf(5) says "off" is the default and as
> use-case it mentions partial replication.
>
>> If the consumer receives an attribute
>> it doesn't know about in the schema, it won't know how to correctly
>> store the data in the db, particularly if you want to later use it for
>> indexing, since it won't know the syntax.
>
> Yes, indexing won't work without correct SYNTAX in attribute type
> description.
>
> So I agree schema should be correct on consumers. Everything else is
> asking for trouble.
>
> The new schema including new indexing should be installed on consumers
> before the first new attribute values hits the consumer.
I’d also note the new schemas need to be added in the same order on all nodes.
I’ve hit an issue a couple years ago were 2 new schemas took different numbers
in cn=config style setting and openldap started complaining. Took quite a while
to figure out.
> This can get
> pretty tricky in corner cases though, e.g. new MUST attributes in
> existing object classes.
>
> Ciao, Michael.
