[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Why built-in schemas are a bad idea

To: Quanah Gibson-Mount <quanah@symas.com>, Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>, openldap-technical@openldap.org
Subject: Re: Why built-in schemas are a bad idea
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 7 Nov 2018 19:02:29 +0100
Autocrypt: addr=michael@stroeder.com; prefer-encrypt=mutual; keydata= xsBNBFbdnRoBCADj0vYA4aRwKJ6AE4mf8oElLgMT/1eLNKpJ2FYBWcwj9d8dTk5/p9b8DRxy S/qQIUUZqt9xRFZwUCm0vFeQMRDeN9xzAKoRzrJifoDOacOjG1lhZTKYvVZGgUT89Ao3QeHh Q7gPzcAKNoueoR2y3FXStOYuRrbk5PlSjVAITjsotgc7PWE9mmVYpeu8a+byK/DBHKUyolOA 1UXYvDa7MbPhMtdNm8qnwtKs1Vsyk1VkErM+5cIe+zTT6WYQcmZMRjCtWGiFTzk9W6Mdlskk WRTKhKNgokTsgcy1ecaCBUZWxv/SyXgD81+rwRi9b8Px+1reg43ayxi8sV7jrI1feybbABEB AAHNJ01pY2hhZWwgU3Ryw7ZkZXIgPG1pY2hhZWxAc3Ryb2VkZXIuY29tPsLAdwQTAQgAIQUC Vt2dGgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRAH3HrjaovJOFpTCACjO773gcmJ KvzjiNpUFl/gANyaJgIq4VbMQ7VthRb1F9X6YbdJ6Z99ntyESjGFCpjofcSomr2vJDpv6ht+ lY33yo20YwsMpqe2OeId0jPybG+FtabKjgBNoAk7iqnBGUvE4t0dz0n1LQVCQR2jxyTKmcNq OYpsRZ3H+6kWwJMuVgsNZglINVZ8JgV5QuLYN5jhYz+pOuFnU11bV6nWREvzZXzebe7g7Zus 6AsWjtJ0lDvgBNzLlF3/eFrVch6Bejs0SvuFseIdZQk+4YU6Rb8xul/jDFXIfo7eTmijO3dV T5AmC1cUi8czncwpgAJnEH8vYv23RoN/aw2gSMCS2huIzsBNBFbdnRoBCAC7L1cTVBVZZuM/ yxSUM5CsgGBlTD1Cr7C2ngZFsHSYXVLq6NUB8GZA2iLK96CrwnFw4/Jjz4llOjc50iVRMQKL RyFWOJAMrpPq2ew5T+Uoo524D//dwVbqkFVVuvM8NPiKIDyPGCjP+acM1D8hXwhOXgQ8Iz8Q 3/GRSYjitn9JrkF0ia2nhariznBKVu0LDffxF/hOCx45+QRR2/rYYlshfZMB7nEJX9P+hVfM CSzltz9Z8CldeUbiJvnyrISReR2XBw9oh8JkIUP0BtpIaify9A7EfzOk+W9BUnWe+YwdSUsB fJxOhSv+umyW5GMqZGFu+4oYnkzbe+1LUs1JarCtABEBAAHCwF8EGAEIAAkFAlbdnRoCGwwA CgkQB9x642qLyTjEUgf+JX6Atatl/QKe37yCj1OZYNPd3B0rPLJRF5mEmrADRXLZC9+uFeDS Wxxln040gnR6rjBHrRcvVmlTDiZY26iuL16+V+0/aZ9uyXNQSzk2cwDSiI/8gvr72Y+FN5fh cGXpeNHxHilYc9onzDhxyE76cwzqTKm4q2ULIH2u9IHQ5O86Fv6nHPYhe2fy1bhQapNwi/Xl 3G3i2WNH/w7m+1zWU1IddZOjmXzoxLT1BATwXGa0Tt5RjVb2mM1Wg3Zj6kqFkF2vvKcvrwj0 q0Ap5uyfN5m0uWzQMCMoaV9HQf7f5MkS1lnwBqDgnojjVAieX5uk7olUiRuPKHMfhvXulYP8 AA==
In-reply-to: <3AEBE848A92A03E0D012D0D4@[192.168.1.39]>
Openpgp: preference=signencrypt
References: <5BE2B8ED020000A10002DFB3@gwsmtp1.uni-regensburg.de> <bf165c91-6218-fd96-9b94-468482a22b85@stroeder.com> <3AEBE848A92A03E0D012D0D4@[192.168.1.39]>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.0

On 11/7/18 6:37 PM, Quanah Gibson-Mount wrote:
> --On Wednesday, November 07, 2018 6:29 PM +0100 Michael Ströder
> <michael@stroeder.com> wrote:
> 
>> Even if the build configuration would not have changed there has been
>> syncrepl interop issues between different releases in the past. So I
>> would not expect this to always work.
> 
> There was an issue with ppolicy in one release, but outside of that
> nothing that I'm aware of.  ppolicy needs a bit of work to fix its
> current mix of external and internal schema which would resolve such
> issues long term, but isn't a problem with other portions of OpenLDAP.

As I understand Ulrich, the old SLES11 package does not even support the
module load directive to be added.

That's why I think that his expectation that rolling upgrades with
replicated cn=config always just work cannot be met.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: Why built-in schemas are a bad idea
  - From: Quanah Gibson-Mount <quanah@symas.com>

References:
- Why built-in schemas are a bad idea
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
- Re: Why built-in schemas are a bad idea
  - From: Michael Ströder <michael@stroeder.com>
- Re: Why built-in schemas are a bad idea
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Re: Why built-in schemas are a bad idea
Next by Date: Re: Why built-in schemas are a bad idea
Index(es):
- Chronological
- Thread