[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Hi, I need help regarding customize schema regarding OpenLDAD 2.4.39 configuration.
On 20 Sep 2014, at 16:48, Howard Chu <hyc@symas.com> wrote:
> Mark Cairney wrote:
>> Hi,
>>
>> Coincidentally I was adding a flat .schema file to my cn=config setup yesterday, here’s my (rather brief) notes on the conversion process:
>
> The direct manual steps are documented in schema/openldap.ldif.
That’s pretty useful and it demonstrates that it’s probably easier to do it by hand than jump through the hoops I’ve described previously.
>
>> 1. Create a temporary directory and put your .schema file in it.
>> mkdir /tmp/schema
>>
>> 2. Create a minimal slapd.conf file containing only an include of the new schema file
>>
>> cd /tmp/schema
>> cp /etc/openldap/slapd.conf /tmp/slapd.conf.schema
>> Vim slapd.conf.schemaname
>>
>> Comment everything out
>> Add the following line:
>> include /tmp/schema/schemaname.schema
>
> You'll need to include any other schemas that your to-be-converted schema depends on, as well.
Good point- I’ve probably been fortunate that the only times I’ve had to add a schema to an existing setup the dependencies have already been there (e.g. edumember ) or there weren’t any.
>
>> Generate the schema file using slaptest while in the /tmp/schema directory :
>> /usr/local/authz/sbin/slaptest -f slapd.conf.schemaname -F .
>
> This is the usual procedure for converting an entire configuration. If you only want to convert some schema, just use:
>
> slapcat -f slapd.conf.schemaname -F /tmp/schema -n0 -s cn=schema,cn=config
Yep that’s a bit cleaner than using slaptest as it won’t output a whole directory structure though you’d still have to do a bit of pruning of the default cn=schema,cn=config stuff to get it to a state suitable for ldapadd’ing to a live system.
>
> The manpages already document that any of the slap* tools can be used to perform a conversion. You would know this if you read them.
>
>> If the conversion process succeeded you should now have a cn=config/cn=schema directory.
>
> Your conversion creates a slapd config database. As already stated countless times, slapd database internal formats are subject to change without notice. You should not be poking at the contents of any files within a slapd database unless you really know what you're doing. If you're asking these types of questions on this list, by definition you don't know what you're doing.
>
> Use the slapcat output to get the contents of a slapd database. This is why the tool exists.
Well strictly speaking it creates a temporary, minimal config database purely for the purpose of generating the contents of the cn=schema directory. You’re preaching to the converted about manually hacking the config files by hand as even a trailing space can stop your setup from loading and having some sanity checking at the point of making a modification to cn=config is really useful.
However I get your point that a newbie might not appreciate the distinction between messing around with the contents of this temp cn=config directory and their own live one.
>
>> On 20 Sep 2014, at 07:17, Abhishek koserwal <abhishek.koserwal@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I need some reference material regarding "How to configure customize schema" in OpenLdap2.4.x. I have some schema files of version 2.3<, when slapd.conf were used. I am want to import those schema into new Openldap.2.4.39 . I have gone through Admin guide tried some methods but, I didn't get much help from it. Kindly help me or whom should I contact or any specific materials.
>>>
>>> Thank You,
>>> Abhishek koserwal,
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.