2.2.2.2 Restrictions to modifying configuration entries and attributes
Certain restrictions apply when modifying server entries and attributes:
•The cn=monitor entry and its child entries are
•If an attribute is added to cn=config, the server ignores it.
•If an invalid value is entered for an attribute, the server ignores it.
•Because the ldapdelete command is used for deleting an entire entry, use the ldapmodify command to remove an attribute from an entry.
2.2.2.3Configuration changes requiring server restart
Some configuration attributes cannot be altered while the server is running. In these cases, for the changes to take effect, the server needs to be shut down and restarted. The modifications should be made either through the Directory Server Console or by manually editing the dse.ldif file. Some of the attributes that require a server restart for any changes to take effect are listed below.
nsSSL2 | |
nsSSL3 | nsSSLclientauth |
nsSSLSessionTimeout | |
This list is not exhaustive; to see a complete list, run the ldapsearch command and search for the
#ldapsearch
2.3Core server configuration attributes reference
This section contains reference information on the configuration attributes that are relevant to the core server functionality. For information on changing server configuration, see “Accessing and modifying server configuration”. For a list of server features that are implemented as
The configuration information stored in the dse.ldif file is organized as an information tree under the general configuration entry cn=config, as shown in . Figure
22 Core server configuration reference