[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to Clone / move an OpenLDAP instance?

On Thu, Dec 3, 2009 at 10:43 AM, Quanah Gibson-Mount <quanah@zimbra.com> wrote:
> --On Thursday, December 03, 2009 9:36 AM -0700 Michael March
> <mmarch@gmail.com> wrote:
>> Thanks for the response.
>>> On Thursday, 3 December 2009 11:06:54 Michael March wrote:
>>>> I need to move all the data from one OpenLDAP instance to another
>>>> (including operational attributes). What is the best way to do that?
>>> slapcat;scp;slapadd
>> Unfortunately slapadd doesn't maintain operational attributes.
> What in the world are you talking about?  slapcat and slapadd maintain all
> the attributes in the entry...

Every time I import the output from slapcat I have to run the stream
through this sed script to strip out operational attributes:

/^creatorsName: /d
/^createTimestamp: /d
/^modifiersName: /d
/^modifyTimestamp: /d
/^structuralObjectClass: /d
/^entryUUID: /d
/^entryCSN: /d
/^pwdHistory: /,+1d
/^pwdChangedTime: /d
/^pwdFailureTime: /d

... also from the slapadd man page:

"As slapadd is designed to accept LDIF in database order, as produced
by slapcat(8), it does not verify that superior entries exist before
adding an entry, does not perform all user and system schema checks,
and does not maintain operational attributes (such as createTimeStamp
and modifiersName). "