0

very new to the world of LDAP. I find that when I export an LDIF file in my OpenLDAP instance on Linux, running the slapcat command as such:

./slapcat -f /somewhere/slapd.conf -l backup.ldif

it does not yield the same result as exporting using the GUI tool on Apache Directory Studio which is connected to the same OpenLDAP instance. The same entries are there but the GUI tool skips out on some lines, here is an example of one entry:

slapcat command:

dn: cn=SOMEUSER,ou=Users,dc=SOMETHING,dc=com
objectClass: organizationalPerson
objectClass: person
cn: SOMEUSER
sn: SOMEISER
userPassword:: SOMEPASSWORD
structuralObjectClass: organizationalPerson
entryUUID: 81f9a48c-cb85-1034-9c9e-3ba13cbb4ff9
creatorsName: cn=DirectoryManager,dc=SOMETHING,dc=com
createTimestamp: 20150731040813Z
entryCSN: 20150731040813.566436Z#000000#000#000000
modifiersName: cn=DirectoryManager,dc=SOMETHING,dc=com
modifyTimestamp: 20150731040813Z

ADS GUI export:

dn: cn=SOMEUSER,ou=Users,dc=SOMETHING,dc=com
objectClass: person
objectClass: organizationalPerson
cn: acn.admin
sn: acn.admin
userPassword:: SOMEPASSWORD

Is there anyway I can get ADS to output the same exact LDIF file as running slapcat on the server where OpenLDAP is installed? This is to remove the need of getting on the server everytime I need a proper LDIF export.

This is my first time posting, hope my question was clear!

Rafik Shoorbajee
  • 3
  • 3

1 Answers1

1

All fields below userpassword are internal administrative information for the LDAP server that are not relevant in many cases.

That said, you can tell ADS to export operational attributes to act like slapcat.

enter image description here

Sven
  • 97,248
  • 13
  • 177
  • 225
  • Thanks a bunch! After all this hooplah I figure that all the extra internal admin lines are not even necessary in the first place. Seems that I can export and import using ADS and not have to worry about 'slapcat'. – Rafik Shoorbajee Aug 21 '15 at 18:40