Bug 44925 - index: Replicate LDAP index configuration via LDAP
index: Replicate LDAP index configuration via LDAP
Status: NEW
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 5.0
Other Linux
: P5 enhancement (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
:
Depends on: 41837
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-03 21:56 CEST by Arvid Requate
Modified: 2023-05-24 08:32 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Further conceptual development
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2017-07-03 21:56:30 CEST
Bug 26785 introduced the registration and replication of schema and ACL extensions but the LDAP indices still have to be configured locally on each server.

Felix today discussed an issue, where an app caused the local LDAP server to not start any longer because it had configured LDAP indices for a new attribute that had not been schema-replicated yet to the server.

We discussed two options:

A) Adjust schema replication in replication.py to always lookup and copy the index configuration from the upstream LDAP server.

B) Support registration of LDAP index extensions just like we do it for ACLs and schema.


In combination with Bug #43515 this would bring up this feature, mentioned in the OpenLDAP FAQ:

  Note: [slapdindex] is not needed when using the new dynamic configuration
  (back-config with suffix cn=config) and index configuration is changed
  via LDAP modify operation. In this case a new index is automatically
  generated by slapd.

That sounds cool to me.
Comment 1 Ingo Steuwer univentionstaff 2019-03-27 11:29:53 CET
If we implement this we must keep the possibility to have different / individual index configurations in a UCS domain, i.e. for different DC Slave types (servers for the Mailstack might need other indexes than those for a file service). The individual configuration can be done in UCR - no need to do that in LDAP.