--On Monday, March 25, 2024 6:42 PM +0000 xpzhang1971@gmail.com wrote:
Tech Folks, thanks for your replies. In real world, we often face such tasks to take over a thing that not belong to you, and you even only have limited access to that thing.
Is there a way figuring out configuration, schema, and etc from ldif files generated by ldapsearch from source server? then to configure a fresh target openldap server with those information to have the target server exactly same as source server?
You can query the cn=subschema entry for the server schema, but that doesn't mean all the schema returned is in use.
However, without having the server configuration (including what overlays, etc, are in use) you cannot reproduce the server functionality. IF it exposes the configuration via cn=config with ldapsearch, then you could get the configuration that way. Without the configuration, you could be missing critical pieces such as password policies, uniqueness constraints, etc. You also have no idea whether or not your "ldapsearch" output includes the full database or only a portion of the database (or even just portions of entries) since you have no idea what limitations via ACLs have been placed on your search.
Regards, Quanah