Red Hat Directory Server 8.0 Configuration, Command, and File Reference
2.2.1. Modifying Configuration Entries Using LDAP
The configuration entries in the directory can be searched and modified using LDAP either via
the Directory Server Console or by performing ldapsearch and ldapmodify operations in the
same way as other directory entries. The advantage of using LDAP to modify entries is changes
can be made while the server is running.
For further information, see the "Creating Directory Entries" chapter in the Directory Server
Administrator's Guide. However, certain changes do require the server to be restarted before
they are taken into account. See Section 2.2.3, “Configuration Changes Requiring Server
Restart” for further information.
NOTE
As with any set of configuration files, care should be taken when changing or
deleting nodes in the cn=config subtree as this risks affecting Directory Server
functionality.
The entire configuration, including attributes that always take default values, can be viewed by
performing an ldapsearch operation on the cn=config subtree:
ldapsearch -b cn=config -D bindDN -w password
• bindDN is the DN chosen for the Directory Manager when the server was installed
(cn=Directory Manager by default).
• password is the password chosen for the Directory Manager.
For more information on using ldapsearch, see Section 4, “ldapsearch”.
To disable a plug-in, use ldapmodify to edit the nsslapd-pluginEnabled attribute:
ldapmodify -D cn="directory manager" -w password
dn: cn=Telephone Syntax,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginEnabled
nsslapd-pluginEnabled: off
2.2.2. Restrictions to Modifying Configuration Entries and Attributes
Certain restrictions apply when modifying server entries and attributes:
Chapter 2. Core Server Configuration Reference
10