Jens Bürger jbuerger@arcor.de writes:
Hi Peter,
thanks for your answer. […]
not sure if I understood completely, what you wish to do (a one time clone and no continuous replication?),
A continuous replication in terms of maybe a daily copy-over.
but as to schema, it should not be too difficult. On the UCS server all schema needed should be stored below /usr/share/univention-ldap/schema (see /etc/openldap/slapd.conf and look for include commands if you cannot find the schema files). If you convert all those files from slapd.conf format (xx.schema) to cn=config (xx.ldif) format, which you seem to know how to do it, and put them in the appropriate location of the target system (below /etc/openldap/slapd.d/cn=schema/) renaming the files to cn={<running number>}xx.ldif and restart the server it should work. The cleaner way to do it, is instead of copying the files yourself with the danger to make mistakes, to ldapadd the single ldif files, e.g.
I now copied them. I had a look at this manual to convert the schemas: https://www.lisenet.com/2015/convert-openldap-schema-to-ldif/
As the UCS has ~40 schemas, editing them (removing the {} and the trailing lines) all would consume too much time.
I copied the schemas under the respective directory. OpenLDAP seems to run with the schemas now. But the problem I have is another one:
When trying to add the exported ldif I get the following error: adding new entry „dc=my-domain,dc=tld" ldap_add: Constraint violation (19) additional info: structuralObjectClass: no user modification allowed
Frankly, ist is a long time ago that i have been engaged in Kolab3/Univention systems, but i believe that UCS still is based on Kolab3. At that time the openldap source code had been modified. In particular schema.c, schema_init.c and schema_prep.c. This modification required a new private core.schema file.
With regard to your your effort to modify config database, the appropriate database naming context is cn=config,cn=schema
-Dieter