On 20 Sep 2014, at 16:48, Howard Chu <[email protected]> wrote: > Mark Cairney wrote: >> Hi, >> >> Coincidentally I was adding a flat .schema file to my cn=config setup >> yesterday, here’s my (rather brief) notes on the conversion process: > > The direct manual steps are documented in schema/openldap.ldif.
That’s pretty useful and it demonstrates that it’s probably easier to do it by hand than jump through the hoops I’ve described previously. > >> 1. Create a temporary directory and put your .schema file in it. >> mkdir /tmp/schema >> >> 2. Create a minimal slapd.conf file containing only an include of the new >> schema file >> >> cd /tmp/schema >> cp /etc/openldap/slapd.conf /tmp/slapd.conf.schema >> Vim slapd.conf.schemaname >> >> Comment everything out >> Add the following line: >> include /tmp/schema/schemaname.schema > > You'll need to include any other schemas that your to-be-converted schema > depends on, as well. Good point- I’ve probably been fortunate that the only times I’ve had to add a schema to an existing setup the dependencies have already been there (e.g. edumember ) or there weren’t any. > >> Generate the schema file using slaptest while in the /tmp/schema directory : >> /usr/local/authz/sbin/slaptest -f slapd.conf.schemaname -F . > > This is the usual procedure for converting an entire configuration. If you > only want to convert some schema, just use: > > slapcat -f slapd.conf.schemaname -F /tmp/schema -n0 -s cn=schema,cn=config Yep that’s a bit cleaner than using slaptest as it won’t output a whole directory structure though you’d still have to do a bit of pruning of the default cn=schema,cn=config stuff to get it to a state suitable for ldapadd’ing to a live system. > > The manpages already document that any of the slap* tools can be used to > perform a conversion. You would know this if you read them. > >> If the conversion process succeeded you should now have a >> cn=config/cn=schema directory. > > Your conversion creates a slapd config database. As already stated countless > times, slapd database internal formats are subject to change without notice. > You should not be poking at the contents of any files within a slapd database > unless you really know what you're doing. If you're asking these types of > questions on this list, by definition you don't know what you're doing. > > Use the slapcat output to get the contents of a slapd database. This is why > the tool exists. Well strictly speaking it creates a temporary, minimal config database purely for the purpose of generating the contents of the cn=schema directory. You’re preaching to the converted about manually hacking the config files by hand as even a trailing space can stop your setup from loading and having some sanity checking at the point of making a modification to cn=config is really useful. However I get your point that a newbie might not appreciate the distinction between messing around with the contents of this temp cn=config directory and their own live one. > >> On 20 Sep 2014, at 07:17, Abhishek koserwal <[email protected]> >> wrote: >> >>> Hi, >>> >>> I need some reference material regarding "How to configure customize >>> schema" in OpenLdap2.4.x. I have some schema files of version 2.3<, when >>> slapd.conf were used. I am want to import those schema into new >>> Openldap.2.4.39 . I have gone through Admin guide tried some methods but, I >>> didn't get much help from it. Kindly help me or whom should I contact or >>> any specific materials. >>> >>> Thank You, >>> Abhishek koserwal, > > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ > -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
