[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to correctly import schemas?

To: openldap-technical@openldap.org
Subject: Re: How to correctly import schemas?
From: Peter Gietz <peter.gietz@daasi.de>
Date: Mon, 3 Jun 2019 17:47:00 +0200
Arc-authentication-results: i=1; email.daasi.de; auth=pass smtp.auth=peter.gietz@daasi.de smtp.mailfrom=peter.gietz@daasi.de
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=daasi.de; s=dkim; t=1559576821; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Tdsat0tAAeLkzPAGNPhR8f3UWSB3otupAmlc1OYb+iw=; b=XHqVxe2YdRU0vgoCF1j5SGyLgibWf/FvSuZjhvZE2gYRrRsQfyOPmPY/37hMGGkypMUQZz yWd/CfzP3Gx+oSlOTdQ3JNHApB3De8ZQCnt9TUaFDdqE4HbJ5heddgSEqJNEVrT9N34XJE Cn9/ZrFcEivnm2nBFKnTsJe8F2z3hpKRGds6AazUMDG08jaZT/oKa9fBL+wz1+envS0sdp 8B79VAo0yJwr2FVIiasWwT0c+PvHHJggIL8QJOdVifE2PTOhinHvYKzTy1S+EaLTx0Kqzj JUJff0XNrbnHSguxaXtQuYk7WeZs3jZQzf2qfqFD3bVW1VLPP3nYlh7VRb7ppw==
Arc-seal: i=1; s=dkim; d=daasi.de; t=1559576821; a=rsa-sha256; cv=none; b=WwDejYxXgTNtFOF9UiIujboQ28H2ukVjHq3XroQ01fuRa5SDoTLv9ikC5r3s1NPZgqnThu LYr8jDCXFerNOJ6y10JCgIW6YtXOob8QhSlAWBQPxLBaT0pfvZhxaHJq42W0S5I8ulgs88 KHwDRw7sSp0bVwe+ouIt1k0kmhWICCRSWybqX9bmmJ41jv7AVxusAfluypxLK8EbOCp2vf PTdy/e+J/MaPEYW6TrULkeHc2dVLPJxboo3BhMaadSkyue9wxeAB/rji3Ykc8eUlaGpLaN NijN3Ucu4n3OiSgcB2rQg8YCHQbX3cCbRlXbiN/Yy8AcHn/vSPoT3XKfMCy2HQ==
Authentication-results: email.daasi.de; auth=pass smtp.auth=peter.gietz@daasi.de smtp.mailfrom=peter.gietz@daasi.de
Content-language: en-US
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=daasi.de; s=dkim; t=1559576821; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Tdsat0tAAeLkzPAGNPhR8f3UWSB3otupAmlc1OYb+iw=; b=EGGpV+ltutn1r57ebCwANmQHG9vulLiaxrLO6uLTWUHReIoJnVue0i5UloCiTZ3Fjg54XR i/ArQ6E42BfiBiaDX7jocjcg8l91YFT2HAqd/tJLwKGusWYFakwjsu+6HGnnxwdNYQGgTz EnrfoR39599WuoLE71UuwxMBoStQ/t30ddaT0ru5RRi70vUSPBSOMrl6KE3ep0Vc1RQ90l b74DV9k1YSSk1j90jqUjYY2jZC8KIW3a9m3bbX7b/g4UZGSHJs0LXgVGtb065f12ycvlOr C7TFrfs3GSKeeBkaZg5r5vTCWEi4M9QyeJnqAUMReotSUhJyFIDU78NcxU9E1A==
In-reply-to: <E284D43B-D05B-4B2D-8B9A-D1621D6D0F47@arcor.de>
References: <E284D43B-D05B-4B2D-8B9A-D1621D6D0F47@arcor.de>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1

Hi Jens,

not sure if I understood completely, what you wish to do (a one timeclone and no continuous replication?), but as to schema, it should notbe too difficult. On the UCS server all schema needed should be storedbelow /usr/share/univention-ldap/schema (see /etc/openldap/slapd.confand look for include commands if you cannot find the schema files). Ifyou convert all those files from slapd.conf format (xx.schema) tocn=config (xx.ldif) format, which you seem to know how to do it, andput them in the appropriate location of the target system (below/etc/openldap/slapd.d/cn=schema/) renaming the files to cn={<runningnumber>}xx.ldif and restart the server it should work. The cleaner wayto do it, is instead of copying the files yourself with the danger tomake mistakes, to ldapadd the single ldif files, e.g.


ldapadd -x -D <binddn> -w <password> -f xx.ldif

(you can create a small shellscript for that)

Then the server creates those funny files below slapd.d/cn=schema byitself. and there would not be any need to restart the server.

There is no need to change core.ldif nor to ldapadd that, because it isalready installed!


Hope this helped.

Cheers,

Peter

Am 31.05.19 um 23:15 schrieb Jens Bürger:

Dear people of OpenLDAP,

I have a Univention Corporate Server (UCS) running at a local site, with a well-populated LDAP.

I have a VM on the Internet, providing some web services.

I’d like to just clone the LDAP data from the local UCS machine to the VM regularly.

While copying the database is a no-brainer (scp & ssh-key), I currently fail at importing the UCS-specific LDAP schemas into the LDAP of the VM. The schema conversion created a {0}core.ldif as starting point. Importing this into openldap failed because I have not the right to modification to core (of course).

Any hints?

Kind regards,

Jens


--

Peter Gietz, CEO

DAASI International GmbH
Europaplatz 3
D-72072 Tübingen
Germany

phone: +49 7071 407109-0
fax:   +49 7071 407109-9
email: peter.gietz@daasi.de
web:   www.daasi.de

Sitz der Gesellschaft: Tübingen
Registergericht: Amtsgericht Stuttgart, HRB 382175
Geschäftsleitung: Peter Gietz

Follow-Ups:
- Re: How to correctly import schemas?
  - From: Jens Bürger <jbuerger@arcor.de>

References:
- How to correctly import schemas?
  - From: Jens Bürger <jbuerger@arcor.de>

Prev by Date: Re: How to correctly import schemas?
Next by Date: Re: SHA-2 and other hashes
Index(es):
- Chronological
- Thread