Re: Official way to import schema with cn=config

Mon, 04 Apr 2022 21:27:34 -0700 




--On Tuesday, April 5, 2022 8:44 AM +0800 David Timber <[email protected]> 
wrote:



You didn't read my original mail. Let me clearify again.

The point was that why I have to make a separate conf file to feed it to
slaptest to generate ldif whereas with slapd.conf you can just use
include. And another problem with cn=config is that if you wanna add a
schema, you have to either rebuild the entire schema attributes or
handcraft ldif with proper starting {} index(ldapadd will not do this for
you).

cn=config: 1 text editor, 2 tools, 2 files involved
slapd.conf: 1 text editor involved

to achieve the same goal.

If you don't see a problem here, just stay out of it.



I did read your email, I understood it perfectly, but it's abundantly clear 
you were unable to grasp my answer.



To be clear, cn=config is a DATABASE it is NOT A TEXT FILE.  You should 
never be using a text editor on the contents under cn=config. If you need 
to manipulate a text version of it, EXPORT it to LDIF with slapcat.



If you have a cn=config LDIF file you will be loading via slapadd, you can 
trivially use an "include" line just like in the gist I linked you. 
Otherwise, if you're online, you can simply use ldapadd.  As far as 
ORDERING is concerned, you can use weights to tweak the order when you 
ldapadd it, but you would have to mildly tweak the input LDIF file (so then 
an editor is involved).  For example, using the java.ldif file:



dn: {3}cn=java,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {3}java
....



And you're literally missing the point that a ".schema" file is a syntax 
specific to slapd.conf and a ".ldif" file is a syntax specific to 
cn=config.  Just as you cannot load a ".schema" file into cn=config, you 
cannot load a ".ldif" file into slapd.conf.  The two things are 
*equivalent* representations for their respective configuration types.  In 
the future, expect only ".ldif" files to get shipped once we finalize 
deprecating slapd.conf.



You seem to lack a fundamental concept of what cn=config is and of how to 
correctly utilize it.  That's not the projects faults and I'd expect you 
actually spend some time learning how things operating before criticizing 
it out of ignorance.


Regards,
Quanah






















					Reply via email to