On 20 Sep 2014, at 16:48, Howard Chu hyc@symas.com wrote:
Mark Cairney wrote:
Hi,
Coincidentally I was adding a flat .schema file to my cn=config setup yesterday, here’s my (rather brief) notes on the conversion process:
The direct manual steps are documented in schema/openldap.ldif.
That’s pretty useful and it demonstrates that it’s probably easier to do it by hand than jump through the hoops I’ve described previously.
- Create a temporary directory and put your .schema file in it.
mkdir /tmp/schema
- Create a minimal slapd.conf file containing only an include of the new schema file
cd /tmp/schema cp /etc/openldap/slapd.conf /tmp/slapd.conf.schema Vim slapd.conf.schemaname
Comment everything out Add the following line: include /tmp/schema/schemaname.schema
You'll need to include any other schemas that your to-be-converted schema depends on, as well.
Good point- I’ve probably been fortunate that the only times I’ve had to add a schema to an existing setup the dependencies have already been there (e.g. edumember ) or there weren’t any.
Generate the schema file using slaptest while in the /tmp/schema directory : /usr/local/authz/sbin/slaptest -f slapd.conf.schemaname -F .
This is the usual procedure for converting an entire configuration. If you only want to convert some schema, just use:
slapcat -f slapd.conf.schemaname -F /tmp/schema -n0 -s cn=schema,cn=config
Yep that’s a bit cleaner than using slaptest as it won’t output a whole directory structure though you’d still have to do a bit of pruning of the default cn=schema,cn=config stuff to get it to a state suitable for ldapadd’ing to a live system.
The manpages already document that any of the slap* tools can be used to perform a conversion. You would know this if you read them.
If the conversion process succeeded you should now have a cn=config/cn=schema directory.
Your conversion creates a slapd config database. As already stated countless times, slapd database internal formats are subject to change without notice. You should not be poking at the contents of any files within a slapd database unless you really know what you're doing. If you're asking these types of questions on this list, by definition you don't know what you're doing.
Use the slapcat output to get the contents of a slapd database. This is why the tool exists.
Well strictly speaking it creates a temporary, minimal config database purely for the purpose of generating the contents of the cn=schema directory. You’re preaching to the converted about manually hacking the config files by hand as even a trailing space can stop your setup from loading and having some sanity checking at the point of making a modification to cn=config is really useful. However I get your point that a newbie might not appreciate the distinction between messing around with the contents of this temp cn=config directory and their own live one.
On 20 Sep 2014, at 07:17, Abhishek koserwal abhishek.koserwal@gmail.com wrote:
Hi,
I need some reference material regarding "How to configure customize schema" in OpenLdap2.4.x. I have some schema files of version 2.3<, when slapd.conf were used. I am want to import those schema into new Openldap.2.4.39 . I have gone through Admin guide tried some methods but, I didn't get much help from it. Kindly help me or whom should I contact or any specific materials.
Thank You, Abhishek koserwal,
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/