I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
My first thought was to tar up all the file in /var/lib/openldap (on Centos) and move that data over but that doesn't seem to be working. Specifically, slapd will not start and no errors are spitting out.
Any ideas?
Thanks!
i think the best idea is to do that with slapcat
extract all into a ldif file and reimport it, then it's a clone
Am 03.12.2009 11:06, schrieb Michael March:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
My first thought was to tar up all the file in /var/lib/openldap (on Centos) and move that data over but that doesn't seem to be working. Specifically, slapd will not start and no errors are spitting out.
Any ideas?
Thanks!
Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
My first thought was to tar up all the file in /var/lib/openldap (on Centos) and move that data over but that doesn't seem to be working. Specifically, slapd will not start and no errors are spitting out.
Any ideas?
Take a look at slapcat/slapadd.
Try to start slapd in higher debug level,may you get some relevant information
root# slapd -d 256
Thanks
On Thu, Dec 3, 2009 at 3:36 PM, Michael March mmarch@gmail.com wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
My first thought was to tar up all the file in /var/lib/openldap (on Centos) and move that data over but that doesn't seem to be working. Specifically, slapd will not start and no errors are spitting out.
Any ideas?
Thanks!
On Thursday, 3 December 2009 11:06:54 Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
slapcat;scp;slapadd
http://www.openldap.org/doc/admin24/dbtools.html#The%20%7B%7BEX:slapcat%7D%7...
My first thought was to tar up all the file in /var/lib/openldap (on Centos) and move that data over but that doesn't seem to be working.
That should work if the software is the same on old and new, but if they differ (e.g. architecture - x86 vs x86-64, or old server had newer Berkeley DB version) it may not.
Specifically, slapd will not start and no errors are spitting out.
Did you increase debugging?
Regards, Buchan
Thanks for the response.
On Thursday, 3 December 2009 11:06:54 Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
slapcat;scp;slapadd
Unfortunately slapadd doesn't maintain operational attributes.
http://www.openldap.org/doc/admin24/dbtools.html#The%20%7B%7BEX:slapcat%7D%7...
My first thought was to tar up all the file in /var/lib/openldap (on Centos) and move that data over but that doesn't seem to be working.
That should work if the software is the same on old and new, but if they differ (e.g. architecture - x86 vs x86-64, or old server had newer Berkeley DB version) it may not.
Arg.. the old server is running 32bit and the new is 64bit.. Aside from that everything is the same.
Specifically, slapd will not start and no errors are spitting out.
Did you increase debugging?
[root@localhost ldap]# slapd -d 256 @(#) $OpenLDAP: slapd 2.3.43 (Nov 6 2008 02:53:24) $ brewbuilder@hs20-bc1-5.build.redhat.com:/builddir/build/BUILD/openldap-2.3.43/openldap-2.3.43/build-servers/servers/slapd bdb_db_open: unclean shutdown detected; attempting recovery. bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2) Expect poor performance for suffix dc=acme,dc=com. Segmentation fault [root@localhost ldap]#
Regards, Buchan
--On Thursday, December 03, 2009 9:36 AM -0700 Michael March mmarch@gmail.com wrote:
Thanks for the response.
On Thursday, 3 December 2009 11:06:54 Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
slapcat;scp;slapadd
Unfortunately slapadd doesn't maintain operational attributes.
What in the world are you talking about? slapcat and slapadd maintain all the attributes in the entry...
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
2009/12/3 Michael March mmarch@gmail.com:
Thanks for the response.
On Thursday, 3 December 2009 11:06:54 Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
slapcat;scp;slapadd
Unfortunately slapadd doesn't maintain operational attributes.
Where you read this?
- Jarbas
Thanks for the response.
On Thursday, 3 December 2009 11:06:54 Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
slapcat;scp;slapadd
Unfortunately slapadd doesn't maintain operational attributes.
Where you read this?
From the 'slapadd' man page:
" As slapadd is designed to accept LDIF in database order, as produced by slapcat(8), it does not verify that superior entries exist before adding an entry, does not perform all user and system schema checks, and does not maintain operational attributes (such as createTimeStamp and modifiersName)."
In the manual online (http://www.openldap.org/software/man.cgi?query=slapadd&apropos=0&sek...) could not identify this behavior.
Which version are you using?
- Jarbas
2009/12/3 Michael March mmarch@gmail.com:
Thanks for the response.
On Thursday, 3 December 2009 11:06:54 Michael March wrote:
I need to move all the data from one OpenLDAP instance to another (including operational attributes). What is the best way to do that?
slapcat;scp;slapadd
Unfortunately slapadd doesn't maintain operational attributes.
Where you read this?
From the 'slapadd' man page:
" As slapadd is designed to accept LDIF in database order, as produced by slapcat(8), it does not verify that superior entries exist before adding an entry, does not perform all user and system schema checks, and does not maintain operational attributes (such as createTimeStamp and modifiersName)."
openldap-technical@openldap.org
-
Bjørn Ruberg -
Buchan Milne -
Jarbas Peixoto Júnior -
Marc Mertes -
Michael March -
Michael Ströder -
Quanah Gibson-Mount -
vishesh kumar