Red Hat Directory Server 8.0 Configuration, Command, and File Reference
• The cn=monitor entry and its child entries are read-only and cannot be modified, except to
manage ACIs.
• If an attribute is added to cn=config, the server ignores it.
• If an invalid value is entered for an attribute, the server ignores it.
• Because ldapdelete is used for deleting an entire entry, use ldapmodify to remove an
attribute from an entry.
2.2.3. Configuration Changes Requiring Server Restart
Some configuration attributes cannot be altered while the server is running. In these cases, for
the changes to take effect, the server needs to be shut down and restarted. The modifications
should be made either through the Directory Server Console or by manually editing the
dse.ldif file. Some of the attributes that require a server restart for any changes to take effect
are listed below. This list is not exhaustive; to see a complete list, run ldapsearch and search
for the nsslapd-requiresrestart attribute. For example:
ldapsearch -p 389 -D "cn=directory manager" -w password -s sub -b
"cn=config"
"(objectclass=*)" | grep nsslapd-requiresrestart
nsslapd-cachesize nsslapd-certdir
nsslapd-dbcachesize nsslapd-dbncache
nsslapd-plugin nsslapd-changelogdir
nsslapd-changelogmaxage nsslapd-changelogmaxentries
nsslapd-port nsslapd-schemadir
nsslapd-saslpath nsslapd-secureport
nsslapd-tmpdir nsSSL2
nsSSL3 nsSSLclientauth
nsSSLSessionTimeout nsslapd-conntablesize
nsslapd-lockdir nsslapd-maxdescriptors
nsslapd-reservedescriptors nsslapd-listenhost
nsslapd-schema-ignore-trailing-spaces nsslapd-securelistenhost
nsslapd-workingdir nsslapd-return-exact-case
3. Core Server Configuration Attributes Reference
This section contains reference information on the configuration attributes that are relevant to
the core server functionality. For information on changing server configuration, see Section 2,
Core Server Configuration Attributes
11