The cn=schema,cn=config entry contains the system schema (all the schema that is hard-coded in slapd).Ĭhild entries of cn=schema,cn=config contain user schema as loaded from config files or added at runtime. These may only be used if the -enable-modules option was used to configure the software. Additional settings are contained in separate child entries: The root of the tree is named cn=config and contains global configuration settings. The slapd-config configuration tree has a very specific structure. Other objects may be part of the configuration but were omitted from the illustration for clarity. A sample config tree is shown in Figure 5.1. There are specific objectClasses used to carry global configuration options, schema definitions, backend and database definitions, and assorted other items. ![]() The slapd configuration is stored as a special LDAP directory with a predefined schema and DIT. There may be additional contributed or experimental overlays that also have not been updated. As of OpenLDAP 2.4.33, all of the official backends have been updated. Note: You will need to continue to use the older nf(5) configuration system if your OpenLDAP installation requires the use of one or more backends or overlays that have not been updated to use the slapd-config(5) system. ldapadd(1), ldapdelete(1), or ldapmodify(1). Configuration changes should be performed via LDAP operations, e.g. Note: Although the slapd-config(5) system stores its configuration as (text-based) LDIF files, you should never edit any of the LDIF files directly. Refer to slapd(8) for information on how to have slapd automatically convert from nf(5) to slapd-config(5). Configuring slapd(8) via nf(5) is described in the next chapter. The older style nf(5) file is still supported, but its use is deprecated and support for it will be withdrawn in a future OpenLDAP release. ![]() This chapter describes the general format of the slapd-config(5) configuration system, followed by a detailed description of commonly used settings. allows all of slapd's configuration options to be changed on the fly, generally without requiring a server restart for the changes to take effect. ![]() stores its configuration data in an LDIF database, generally in the /usr/local/etc/openldap/slapd.d directory.is managed using the standard LDAP operations.OpenLDAP 2.3 and later have transitioned to using a dynamic runtime configuration engine, slapd-config(5). Once the software has been built and installed, you are ready to configure slapd(8) for use at your site.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |