< |
=== END glossary.html ===
=== START index.html ===
26c26
< 30 June 2015
---
> 5 February 2016
=== END index.html ===
=== START install.html ===
55,61c55,57
< OpenLDAP's slapd(8) BDB and HDB deprecated database backends require Oracle Corporation Berkeley DB. If not available at configure time, you will not be able to build slapd(8) with these primary database backends.
< Your operating system may provide a supported version of Berkeley DB in the base system or as an optional software component. If not, you'll have to obtain and install it yourself.
< Berkeley DB is available from Oracle Corporation's Berkeley DB download page http://www.oracle.com/technology/software/products/berkeley-db/index.html.
< There are several versions available. Generally, the most recent release (with published patches) is recommended. This package is required if you wish to use the deprecated BDB or HDB database backends.
<
< Note: Berkeley DB version 6.0.20 and later uses a software license that is incompatible with LDAP technology and should not be used with OpenLDAP.
<
---
> OpenLDAP's slapd(8) BDB and HDB deprecated database backends require Oracle Corporation's Berkeley DB. If not available at configure time, you will not be able to build slapd(8) with these deprecated database backends.
> Your operating system may provide a supported version of Berkeley DB in the base system or as an optional software component. If not, you'll have to obtain and install it yourself. Berkeley DB is available from Oracle Corporation's Berkeley DB download page if required.
> There are several versions available from Oracle Corporation. Berkeley DB version 6.0.20 and later uses a software license that is incompatible with LDAP technology and should not be used with OpenLDAP.
=== END install.html ===
=== START intro.html ===
99,100c99,100
< This question is raised many times, in different forms. The most common, however, is: Why doesn't OpenLDAP drop Berkeley DB and use a relational database management system (RDBMS) instead? In general, expecting that the sophisticated algorithms implemented by commercial-grade RDBMS would make OpenLDAP be faster or somehow better and, at the same time, permitting sharing of data with other applications.
< The short answer is that use of an embedded database and custom indexing system allows OpenLDAP to provide greater performance and scalability without loss of reliability. OpenLDAP uses Berkeley DB concurrent / transactional database software. This is the same software used by leading commercial directory software.
---
> This question is raised many times, in different forms. The most common, however, is: Why doesn't OpenLDAP use a relational database management system (RDBMS) instead of an embedded key/value store like LMDB? In general, expecting that the sophisticated algorithms implemented by commercial-grade RDBMS would make OpenLDAP be faster or somehow better and, at the same time, permitting sharing of data with other applications.
> The short answer is that use of an embedded database and custom indexing system allows OpenLDAP to provide greater performance and scalability without loss of reliability. OpenLDAP uses LMDB concurrent / transactional database software.
111c111
< The second approach is to put the whole entry as a blob in a table shared by all entries regardless of the objectclass and have additional tables that act as indices for the first table. Index tables are not database indices, but are fully managed by the LDAP server-side implementation. However, the database becomes unusable from SQL. And, thus, a fully fledged database system provides little or no advantage. The full generality of the database is unneeded. Much better to use something light and fast, like Berkeley DB.
---
> The second approach is to put the whole entry as a blob in a table shared by all entries regardless of the objectclass and have additional tables that act as indices for the first table. Index tables are not database indices, but are fully managed by the LDAP server-side implementation. However, the database becomes unusable from SQL. And, thus, a fully fledged database system provides little or no advantage. The full generality of the database is unneeded. Much better to use something light and fast, like LMDB.
125c125
< Choice of database backends: slapd comes with a variety of different database backends you can choose from. They include BDB, a high-performance transactional database backend; HDB, a hierarchical high-performance transactional backend; SHELL, a backend interface to arbitrary shell scripts; and PASSWD, a simple backend interface to the passwd(5) file. The BDB and HDB backends utilize Oracle Berkeley DB.
---
> Choice of database backends: slapd comes with a variety of different database backends you can choose from. They include MDB, a hierarchical high-performance transactional database backend; BDB, a high-performance transactional database backend (deprecated); HDB, a hierarchical high-performance transactional backend (deprecated); SHELL, a backend interface to arbitrary shell scripts; and PASSWD, a simple backend interface to the passwd(5) file. The MDB backend utilizes LMDB, a high performance replacement for Oracle Corporation's Berkeley DB. The BDB and HDB backends utilize Oracle Corporation Berkeley DB. These backends have been deprecated as LMDB provides significantly higher read and write throughput and data reliability.
=== END intro.html ===
=== START license.html ===
=== END license.html ===
=== START limits.html ===
=== END limits.html ===
=== START maintenance.html ===
=== END maintenance.html ===
=== START monitoringslapd.html ===
=== END monitoringslapd.html ===
=== START overlays.html ===
=== END overlays.html ===
=== START preface.html ===
=== END preface.html ===
=== START quickstart.html ===
97,98c97,98
< Use your favorite editor to edit the provided slapd.conf(5) example (usually installed as /usr/local/etc/openldap/slapd.conf) to contain a BDB database definition of the form:
< database bdb
---
> Use your favorite editor to edit the provided slapd.ldif example (usually installed as /usr/local/etc/openldap/slapd.ldif) to contain a MDB database definition of the form:
> dn: olcDatabase=mdb,cn=config
100c100
< suffix "dc=<MY-DOMAIN>,dc=<COM>"
---
> objectClass: olcDatabaseConfig
102c102
< rootdn "cn=Manager,dc=<MY-DOMAIN>,dc=<COM>"
---
> objectClass: olcMdbConfig
104c104
< rootpw secret
---
> olcDatabase: mdb
106c106,116
< directory /usr/local/var/openldap-data
---
> OlcDbMaxSize: 1073741824
>
> olcSuffix: dc=<MY-DOMAIN>,dc=<COM>
>
> olcRootDN: cn=Manager,dc=<MY-DOMAIN>,dc=<COM>
>
> olcRootPW: secret
>
> olcDbDirectory: /usr/local/var/openldap-data
>
> olcDbIndex: objectClass eq
109c119,127
< database bdb
---
> dn: olcDatabase=mdb,cn=config
>
> objectClass: olcDatabaseConfig
>
> objectClass: olcMdbConfig
>
> olcDatabase: mdb
>
> OlcDbMaxSize: 1073741824
111c129
< suffix "dc=example,dc=com"
---
> olcSuffix: dc=example,dc=com
113c131
< rootdn "cn=Manager,dc=example,dc=com"
---
> olcRootDN: cn=Manager,dc=example,dc=com
115c133
< rootpw secret
---
> olcRootPW: secret
117c135,137
< directory /usr/local/var/openldap-data
---
> olcDbDirectory: /usr/local/var/openldap-data
>
> olcDbIndex: objectClass eq
120c140,148
< database bdb
---
> dn: olcDatabase=mdb,cn=config
>
> objectClass: olcDatabaseConfig
>
> objectClass: olcMdbConfig
>
> olcDatabase: mdb
>
> OlcDbMaxSize: 1073741824
122c150
< suffix "dc=eng,dc=uni,dc=edu,dc=eu"
---
> olcSuffix: dc=eng,dc=uni,dc=edu,dc=eu
124c152
< rootdn "cn=Manager,dc=eng,dc=uni,dc=edu,dc=eu"
---
> olcRootDN: cn=Manager,dc=eng,dc=uni,dc=edu,dc=eu
126c154
< rootpw secret
---
> olcRootPW: secret
128c156,163
< directory /usr/local/var/openldap-data
---
> olcDbDirectory: /usr/local/var/openldap-data
>
> olcDbIndex: objectClass eq
>
> Details regarding configuring slapd(8) can be found in the slapd-config(5) manual page and the Configuring slapd chapter of this document. Note that the specified olcDbDirectory must exist prior to starting slapd(8).
>
>
> Import the configuration database
130c165,166
< Details regarding configuring slapd(8) can be found in the slapd.conf(5) manual page and the The slapd Configuration File chapter of this document. Note that the specified directory must exist prior to starting slapd(8).
---
> You are now ready to import your configration database for use by slapd(8), by running the command:
> su root -c /usr/local/sbin/slapadd -F /usr/local/etc/cn=config -l /usr/local/etc/openldap/slapd.ldif
136c172
< su root -c /usr/local/libexec/slapd
---
> su root -c /usr/local/libexec/slapd -F /usr/local/etc/cn=config
=== END quickstart.html ===
=== START referrals.html ===
=== END referrals.html ===
=== START replication.html ===
52c52
< The syncrepl engine, which is a consumer-side replication engine, can work with any backends. The LDAP Sync provider can be configured as an overlay on any backend, but works best with the back-bdb or back-hdb backend.
---
> The syncrepl engine, which is a consumer-side replication engine, can work with any backends. The LDAP Sync provider can be configured as an overlay on any backend, but works best with the back-bdb back-hdb, or back-mdb backends.
160c160,161
< database bdb
---
> database mdb
> maxsize 1073741824
173c174,175
< database hdb
---
> database mdb
> maxsize 1073741824
=== END replication.html ===
=== START runningslapd.html ===
=== END runningslapd.html ===
=== START sasl.html ===
=== END sasl.html ===
=== START schema.html ===
=== END schema.html ===
=== START security.html ===
=== END security.html ===
=== START slapdconf2.html ===
=== END slapdconf2.html ===
=== START slapdconfig.html ===
520c520
< The syncrepl replication mechanism is supported by the bdb and hdb backends.
---
> The syncrepl replication mechanism is supported by the bdb, hdb, and mdb backends.
=== END slapdconfig.html ===
=== START tls.html ===
=== END tls.html ===
=== START troubleshooting.html ===
=== END troubleshooting.html ===
=== START tuning.html ===
=== END tuning.html ===
|