Convert OpenLDAP Schema to LDIF

We’re migrating an OpenLDAP server from Debian Squeeze to Ubuntu 14.04.

Debian server uses slapd.conf where Ubuntu 14.04 uses slap.d.


Software used in this article:

  1. Ubuntu 14.04 (also tested on Debian Wheezy)
  2. OpenLDAPĀ 2.4.31


Default OpenLDAP installation on Ubuntu 14.04 comes with the following schema in place:

# ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b cn=schema,cn=config "(objectClass=olcSchemaConfig)" dn
dn: cn=schema,cn=config

dn: cn={0}core,cn=schema,cn=config

dn: cn={1}cosine,cn=schema,cn=config

dn: cn={2}nis,cn=schema,cn=config

dn: cn={3}inetorgperson,cn=schema,cn=config

We have some custom schema (mail and samba) on the Debian server in a .schema format which we need to convert to .ldif.

Create a conversion file:

# cat > ./schema_conv.conf << EOL
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/mail.schema
include /etc/ldap/schema/samba.schema

Convert the schema files to LDIF:

# mkdir /tmp/ldif
# slaptest -f ./schema_conv.conf -F /tmp/ldif/

Open the /tmp/ldif/cn\=config/cn\=schema/cn\=\{5\}mail.ldif file and change the following lines:

dn: cn={5}mail
objectClass: olcSchemaConfig
cn: {5}mail


dn: cn=mail,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: mail

Also delete these lines at the bottom:

structuralObjectClass: olcSchemaConfig
entryUUID: d53d1a8c-4261-1034-9085-738a9b3f3783
creatorsName: cn=config
createTimestamp: 20150206153742Z
entryCSN: 20150206153742.072733Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20150206153742Z

Do the same for the samba LDIF file.

Copy the files to the /etc/ldap/schema directory:

# cd /etc/ldap/schema
# cp /tmp/ldif/cn\=config/cn\=schema/cn\=\{5\}mail.ldif ./mail.ldif
# cp /tmp/ldif/cn\=config/cn\=schema/cn\=\{6\}samba.ldif ./samba.ldif

Insert the new schema to the LDAP tree:

# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/misc.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/mail.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/samba.ldif

You can also do it this way:

# ldapadd -Q -Y EXTERNAL -H ldapi:/// /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{5\}mail.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{6\}samba.ldif


# ls -1 /etc/ldap/slapd.d/cn\=config/cn\=schema

Related Posts

Install and Configure an OpenLDAP Server with SSL on Debian Wheezy

2 thoughts on “Convert OpenLDAP Schema to LDIF

Leave a Reply

Your email address will not be published. Required fields are marked *