9

Is it possible to export all the data inside openldap for example using ldapsearch or some other tool to a (ldif?) file and then import everything on another server and put this in a script that would be run every day. So that I could use the other one as a backup when the first/master server is not available?

I have full access to the first/master server, but I can't modify it's configuration so I think I can't set up replication.

Jure1873
  • 3,692
  • 1
  • 21
  • 28

1 Answers1

14

Is it possible to export all the data inside openldap for example using ldapsearch or some other tool to a (ldif?) file

Sure, it is possible. slapcat/slapadd is what you're looking for:

slapcat -f /path/to/the/slapd.conf -l backup.ldif
slapadd -v -c -l backup.ldif -f /path/to/the/slapd.conf

These are basically offline tools, you should stop slapd before proceeding. Maybe you also have to set/fix file permissions after restore.

cstamas
  • 6,607
  • 24
  • 42
quanta
  • 50,327
  • 19
  • 152
  • 213
  • Thanks, that looks just what I needed. I was just wondering if I can do it over and over - I mean do I have to purge the ldap database on the backup server before I do the slapadd command or it doesn't matter? – Jure1873 Oct 05 '12 at 15:35
  • 1
    Yes. You must stop the `slapd` first, and delete old database `rm -fr /var/lib/ldap/*` then restore. If not, you'll get something like `Key/data pair already exists (-30996)`. – quanta Oct 05 '12 at 15:45
  • Ok, I will do that. – Jure1873 Oct 05 '12 at 15:49
  • in OpenLDAP `2.4+` you probably want to use `slapcat -F /etc/openldap/slapd.d` for the new dynamic configuration operation. – Stuart Cardall Aug 11 '20 at 12:24