Univention Bugzilla – Bug 44925
index: Replicate LDAP index configuration via LDAP
Last modified: 2023-05-24 08:32:20 CEST
Bug 26785 introduced the registration and replication of schema and ACL extensions but the LDAP indices still have to be configured locally on each server. Felix today discussed an issue, where an app caused the local LDAP server to not start any longer because it had configured LDAP indices for a new attribute that had not been schema-replicated yet to the server. We discussed two options: A) Adjust schema replication in replication.py to always lookup and copy the index configuration from the upstream LDAP server. B) Support registration of LDAP index extensions just like we do it for ACLs and schema. In combination with Bug #43515 this would bring up this feature, mentioned in the OpenLDAP FAQ: Note: [slapdindex] is not needed when using the new dynamic configuration (back-config with suffix cn=config) and index configuration is changed via LDAP modify operation. In this case a new index is automatically generated by slapd. That sounds cool to me.
If we implement this we must keep the possibility to have different / individual index configurations in a UCS domain, i.e. for different DC Slave types (servers for the Mailstack might need other indexes than those for a file service). The individual configuration can be done in UCR - no need to do that in LDAP.