Is it recommended to add users/modify properties of users to OpenLDAP after stopping the service ? I have been facing issues on adding users when the OpenLDAP server is running.
I am using scripts from padl.com or manually editing creating ldif files and using ldapmodify.
To add entries to OpenLDAP directory, two command line utilities distributed with openldap can be used - ldapadd and slapadd.
Even with the similar names, their workings are very different.
ldapadd connects to a running instance of ldap directory and adds the specified ldif as a normal client.
slapadd modifies directly the underlying files that slapd daemon uses. So, it should not be run when slapd server is running (and generally should only be used to initiate a new database).
Make sure your scripts are using the proper utilities in proper situation.
Consider the question for a moment. You would like to use LDIF (LDAP Interchange Format) to update an LDAP directory server, and you think it would make sense to do it when the service is not running?
LDIF as the name suggests uses the LDAP protocol to connect and perform transactions.
By what mechanism do you suggest such an approach would work if the service were not running?
