[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to initialize cn=schema,cn=config with the system schema

Mathias Gug wrote:
On Tue, Jul 08, 2008 at 09:01:19PM -0700, Howard Chu wrote:
Mathias Gug wrote:
I'm currently working on adding support for the config backend to the
Ubuntu openldap package (2.4.10). While creating a new configuration, I
run into the problem of loading the system schema into
/etc/ldap/slapd.d/cn=config/cn=schema.ldif. Using the example from the
slapd-config man page doesn't work: the system schema isn't created in
cn=schema.ldif. Comparing with a slapd.conf conversion, cn=schema.ldif
holds the system schema in the latter case.

As documented in the Admin Guide:

5.2.3 cn=schema

The cn=schema entry holds all of the schema definitions that are
hard-coded in slapd. As such, the values in this entry are generated by
slapd so no schema values need to be provided in the config file. The
entry must still be defined though, to serve as a base for the
user-defined schema to add in underneath. Schema entries must have the
olcSchemaConfig objectClass.

In other words, just make a blank entry. See the example in

I've attache the three ldif files that I'm using to create a new configuration. Here are the steps that I'm following to initialize a new setup:

# mkdir /etc/ldap/slapd.d/
# slapadd -F /etc/ldap/slapd.d/ -n 0 -l slapd.d.init.ldif
# slapadd -F /etc/ldap/slapd.d/ -n 0 -l slapd.d.load_hdb_module.ldif
# slapadd -F /etc/ldap/slapd.d/ -n 0 -l slapd.d.new-db.ldif
slapadd: could not add entry dn="olcDatabase=hdb,cn=config" (line=1):
autocreation of "olcDatabase={-1}frontend" failed

That's your first problem; slapadd is not intended for incremental use. It's for bulk loading, which generally means you feed it a single complete LDIF file. After you've run slapadd, generally you should just start up slapd and use ldap* commands from then on.

In this case, you could still use multiple LDIF files; just use include: directives to link them all into a single LDIF that can be slapadd'd in one pass.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/