On Tue, Feb 11, 2025 at 09:40:47AM +0000, Marc wrote: > > I would not start it in the first place... Otherwise maybe don't give it > > network access? > > currenlty my method is retrieving ldif files from some config storage > (that is on same network as ldap server), do sometimes some sed stuff, > and then I import them like this: > > ldapadd -Q -D "cn=admin,cn=config" -Y EXTERNAL -H ldapi:/// -f > $SLAPD_CFG_DIR/change-modules.ldif > > So this way I have direct feedback if one of the ldifs is not > compatible with some slapd upgrade.
slapadd -n0 is your friend, no need to start the server for it. Maybe also slaptest if you want to double check the resulting config. -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
