Convert OpenLDAP Schema to LDIF

We’re migrating an OpenLDAP server from Debian Squeeze to Ubuntu 14.04.

Debian server uses slapd.conf where Ubuntu 14.04 uses slap.d.

Software

Software used in this article:

Ubuntu 14.04 (also tested on Debian Wheezy)
OpenLDAP 2.4.31

Instructions

Default OpenLDAP installation on Ubuntu 14.04 comes with the following schema in place:

# ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=schema,cn=config "(objectClass=olcSchemaConfig)" dn
dn: cn=schema,cn=config

dn: cn={0}core,cn=schema,cn=config

dn: cn={1}cosine,cn=schema,cn=config

dn: cn={2}nis,cn=schema,cn=config

dn: cn={3}inetorgperson,cn=schema,cn=config

We have some custom schema (mail and samba) on the Debian server in a .schema format which we need to convert to .ldif.

Create a conversion file:

# cat > ./schema_conv.conf << EOL
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/mail.schema
include /etc/ldap/schema/samba.schema
EOL

Convert the schema files to LDIF:

# mkdir /tmp/ldif
# slaptest -f ./schema_conv.conf -F /tmp/ldif/

Open the /tmp/ldif/cn\=config/cn\=schema/cn\=\{5\}mail.ldif file and change the following lines:

dn: cn={5}mail
objectClass: olcSchemaConfig
cn: {5}mail

To:

dn: cn=mail,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: mail

Also delete these lines at the bottom:

structuralObjectClass: olcSchemaConfig
entryUUID: d53d1a8c-4261-1034-9085-738a9b3f3783
creatorsName: cn=config
createTimestamp: 20150206153742Z
entryCSN: 20150206153742.072733Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20150206153742Z

Do the same for the samba LDIF file.

Copy the files to the /etc/ldap/schema directory:

# cd /etc/ldap/schema
# cp /tmp/ldif/cn\=config/cn\=schema/cn\=\{5\}mail.ldif ./mail.ldif
# cp /tmp/ldif/cn\=config/cn\=schema/cn\=\{6\}samba.ldif ./samba.ldif

Insert the new schema to the LDAP tree:

# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/mail.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/samba.ldif

You can also do it this way:

# ldapadd -Q -Y EXTERNAL -H ldapi:/// /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{5\}mail.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{6\}samba.ldif

Verify:

# ls -1 /etc/ldap/slapd.d/cn\=config/cn\=schema
cn={0}core.ldif
cn={1}cosine.ldif
cn={2}nis.ldif
cn={3}inetorgperson.ldif
cn={4}misc.ldif
cn={5}mail.ldif
cn={6}samba.ldif

Install and Configure an OpenLDAP Server with SSL on Debian Wheezy

3 thoughts on “Convert OpenLDAP Schema to LDIF”

eriktoh says:

04/06/2015 at 9:31 am

Minor typo:
dn: cn=mail,cn=schema,cn=config,

The trailing comma should be removed.

- Lisenet says:
  
  04/06/2015 at 7:43 pm
  
  Thanks, this has been fixed.
Abhijit Roy says:

26/04/2018 at 11:16 am

Excellent!!

Software

Instructions

Related Posts

3 thoughts on “Convert OpenLDAP Schema to LDIF”

Leave a Reply Cancel reply