[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Loading LDAP schema files into cn=config



Mark Cave-Ayland wrote:
Hi all,

Having started to look at the changes required to migrate from a
slapd.conf setup to a cn=config setup, one of things I'm struggling with
is how to load new LDAP schemas into cn=config.

I've seen the guides similar to this one here:
http://blogger.ziesemer.com/2011/01/ldap-authentication-for-samba.html
which suggest hacking together a temporary slapd.conf file containing
just the include directives, run slaptest, and then hack the output so
that it can be loaded into cn=config using ldapadd.

His step 1 and 2 were fine. Everything after that is garbage.

1: schemaConvert.conf
####
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include samba.schema
####

2: slaptest
	mkdir config && slaptest -f schemaConvert.conf -F config

3: slapcat
	
	slapcat -F config -n0 -s cn=schema,cn=config

and all of your converted schema will pop out, ready to be slapadd'd or ldapadd'd anywhere else.

Given that this is a quite a common task, is there no way of generating
the LDIF directly to be loaded into the directory, e.g.

slaptest -s /etc/ldap/schema/myschema.schema [ -n<schemanum>  ] -l
myschema.ldif

Or then again, is this functionality already there but I just haven't
managed to find it yet? I'd be grateful if someone could point me in the
right direction and/or give me some hints as to the best way to manage
schemas in the new regime.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/