[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Switch OpenLDAP backend database from HDB to MDB
On Fri, Jan 11, 2019 at 11:13:33PM +0100, SHarbich@t-online.de wrote:
nice slapcat -n 0 > ${BACKUP_PATH}/config.ldif
nice slapcat -n 1 > ${BACKUP_PATH}/meinedomain.local.ldif
cp -rp /var/lib/ldap /var/lib/ldap.bak
cp -rp /etc/ldap/slapd.d /etc/ldap/slapd.d.bak
Modify entries in these two dates with a text editor from hdb to mdb.
You should only need to edit the config ldif. The data shouldn't need
any changes.
Note that the database config attributes for hdb and mdb differ a little
bit. For example you should configure olcDbMaxSize for mdb.
Stop the OpenLDAP service
sudo systemctl stop sldap.service
I would personally do that before dumping, just to make sure you don't
miss any changes :) but slapcat while slapd is running is fine too.
Delete the directories of the LDAP tree
rm -r /var/lib/ldap /etc/ldap/slapd.d
Rebuild the LDAP database
sudo dpkg-reconfigure slapd
In the options select the database MDB and leave everything else as before.
No need to run dpkg-reconfigure. All it does is re-initialize
/etc/ldap/slapd.d and /var/lib/ldap with the default contents; but you'd
have to stop slapd and delete those before adding back your own anyway.
Just delete the contents out of those directories, leaving them empty,
and with the existing ownership/permissions:
find /etc/ldap/slapd.d /var/lib/ldap -mindepth 1 -print
find /etc/ldap/slapd.d /var/lib/ldap -mindepth 1 -delete
then fix up your config LDIF and slapadd everything back.
If there is a mistake in your config and slapadd fails, delete the
partial content out of slapd.d before trying again.
Then restore the LDAP tree.
sudo slapadd -F /etc/ldap/slapd.d -n 0 -l ${BACKUP_PATH}/config.ldif
sudo slapadd -F /etc/ldap/slapd.d -n 1 -l ${BACKUP_PATH}/meinedomain.local.ldif
Correct. Note that the directories /etc/ldap/slap.d and /var/lib/ldap
should be emptied before doing this.
Hope this helps,
Ryan