Posted to users@directory.apache.org by Fabrice Aupert <fa...@gmail.com> on 2014/04/09 14:49:28 UTC

Import custom schema from OpenLDAP

Hi,

I'm trying to import a custom schema which used to live in an OpenLDAP
server (v2.3). This schema has its own dn (dn:
cn={12}myclient123,cn=schema,cn=config.

I've installed ApacheDS 2.0.0_M16, configured a new partition, named
myclient123 with a dc=myclient123,dc=net suffix.

Schema-wise I've created a new entry under ou=schema :
cn=myclient123,ou=schema (via ldapadd and an export from Apache Directory
Studio/Schema Editor). That's about everything I've managed to achieve :

- Apache Directory Studio : I've tried to export the OpenLDAP schema as LDIF
file, then failed to import this file into ApacheDS (getting various
errors, fixing, getting another error, etc)
- Apache Directory Studio : create an offline schema, then import from
OpenLDAP schema files > I've no idea how to generate those files from my
OpenLDAP version which uses dynamic DB stuff
- ldapmodify : I've generated a 'changetype: modify' kind of LDIF file from
the OpenLDAP schema but when I try to import it into dn:
cn=myclient123,ou=schema I get a nice 'modifying entry
cn=myclient123,ou=schema modify complete' message followed by... a big
disappointment : nothing is actually imported into ApacheDS (service
restart done), not a single attributeType :)

I'm kind of running out of ideas. I may be following the wrong paths as I'm
kind of new in the LDAP domain, any advice would be very welcome.

Cheers.
Fabrice

Re: Import custom schema from OpenLDAP

Posted by Emmanuel Lécharny <el...@gmail.com>.
On 4/18/14 5:43 PM, Fabrice Aupert wrote:
> Hi Emmanuel,
>
> Thank you very much for your help. It worked. I actually wrote a small
> python - which has a basic ldif support - script to transform OpenLdap LDIF
> export into like you described.
>
> Have a nice week end.
Thanks ! So do you.

If you have any other issues, feel free to post here.



-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com 


Re: Import custom schema from OpenLDAP

Posted by Fabrice Aupert <fa...@gmail.com>.
Hi Emmanuel,

Thank you very much for your help. It worked. I actually wrote a small
python - which has a basic ldif support - script to transform OpenLdap LDIF
export into like you described.

Have a nice week end.

Cheers.

Fabrice
On 13 Apr 2014 01:38, "Emmanuel Lécharny" <el...@gmail.com> wrote:

> On 4/11/14 3:01 PM, Fabrice Aupert wrote:
> > Hi Emmanuel,
> >
> > Thanks for your answer.
> >
> >> You should *urgently* switch to 2.4.
> > I was wrong actually. We're using OpenLdap 2.4.
> >
> >> Can you provide the exported LDIF ?
> > See attached file. It contains quite a lot of attribute types and object
> > classes from a Sun LDAP server which our client uses. As we can't have
> this
> > proprietary LDAP server in our infrastructure, I made a first import into
> an
> > OpenLDAP server. Now we have to migrate to ApacheDS - for depressing
> > reasons I'd rather not explain here .
>
> This file does contain what is in the subschema subentry of your
> OpenLDAP server. That's fine, but that's not something Studio will be
> able to load as is.
>
> You need to make it a standard openldap schema file (ie, if you store
> this file in the schema subdirectory of any OpenLDAP server, and ask
> OpenLDAP to load it, it will fail).
>
> However, this is not exactly tough to transform this file so that it can
> be loaded :
> - remove the dn, and other things at the very beginning of the file, up
> to the first attributeTypes attributeType.
> - replace *all* the 'attributeTypes:' to become 'attributetype' (beware :
> this is case sensitive)
> - do the same thing for 'objectClasses:' to be replaced with 'objectclass'
> - now, you will have to go through all the elements, and merge the lines
> so that each AT and OC are on one single line. An example :
>
> attributeTypes: ( 1.3.6.1.4.1.6054.3.125.2.56 NAME 'erADLastFailedLogin'
>   DESC 'Data of last failed login attempt.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.
>  15 SINGLE-VALUE X-ORIGIN 'user defined' )
>
>
> becomes :
>
> attributetype ( 1.3.6.1.4.1.6054.3.125.2.56 NAME 'erADLastFailedLogin' DESC 'Data of last failed login attempt.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
>
> You will then be able to load the resulting file as an OpenLDAP schema.
>
> Yes, the last step is a bit painful, but it does the trick. You just
> have to be careful not to leave extra spaces in the middle of elements
> like syntax or any other keyword.
>
> I did it for a few elements, it worked.
>
> Hope it helps.
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>

Re: Import custom schema from OpenLDAP

Posted by Emmanuel Lécharny <el...@gmail.com>.
On 4/11/14 3:01 PM, Fabrice Aupert wrote:
> Hi Emmanuel,
>
> Thanks for your answer.
>
>> You should *urgently* switch to 2.4.
> I was wrong actually. We're using OpenLdap 2.4.
>
>> Can you provide the exported LDIF ?
> See attached file. It contains quite a lot of attribute types and object
> classes from a Sun LDAP server which our client uses. As we can't have this
> proprietary LDAP server in our infrastructure, I made a first import into an
> OpenLDAP server. Now we have to migrate to ApacheDS - for depressing
> reasons I'd rather not explain here .

This file does contain what is in the subschema subentry of your
OpenLDAP server. That's fine, but that's not something Studio will be
able to load as is.

You need to make it a standard openldap schema file (ie, if you store
this file in the schema subdirectory of any OpenLDAP server, and ask
OpenLDAP to load it, it will fail).

However, this is not exactly tough to transform this file so that it can
be loaded :
- remove the dn, and other things at the very beginning of the file, up
to the first attributeTypes attributeType.
- replace *all* the 'attributeTypes:' to become 'attributetype' (beware :
this is case sensitive)
- do the same thing for 'objectClasses:' to be replaced with 'objectclass'
- now, you will have to go through all the elements, and merge the lines
so that each AT and OC are on one single line. An example :

attributeTypes: ( 1.3.6.1.4.1.6054.3.125.2.56 NAME 'erADLastFailedLogin'
  DESC 'Data of last failed login attempt.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.
 15 SINGLE-VALUE X-ORIGIN 'user defined' )


becomes :

attributetype ( 1.3.6.1.4.1.6054.3.125.2.56 NAME 'erADLastFailedLogin' DESC 'Data of last failed login attempt.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )

You will then be able to load the resulting file as an OpenLDAP schema.

Yes, the last step is a bit painful, but it does the trick. You just
have to be careful not to leave extra spaces in the middle of elements
like syntax or any other keyword.

I did it for a few elements, it worked.

Hope it helps.


-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com 
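
The manual transformation described in the message above can be scripted. The following is an added example, not code from the thread or from either project: it unfolds LDIF continuation lines as RFC 2849 defines them, renames the attribute keywords, and rejects definitions where a stray space has split an OID. Accepting the olc* attribute names and {n} ordering prefixes of a cn=config export goes beyond what the message covers; the function names and the second sample entry are constructed.

```python
import base64
import re

# Schema-bearing attribute names: the subschema form shown in the thread, plus
# the olc* form found under cn=schema,cn=config (assumption: either may occur).
KEYWORDS = {"attributetypes": "attributetype", "olcattributetypes": "attributetype",
            "objectclasses": "objectclass", "olcobjectclasses": "objectclass"}
DEFINITION = re.compile(r"^\(\s*\d+(\.\d+)+\s.*\)$")

# Constructed sample: the attribute type quoted in the thread, correctly folded,
# followed by an invented object class under a placeholder OID.
SAMPLE = """\
dn: cn=schema
objectClass: top
attributeTypes: ( 1.3.6.1.4.1.6054.3.125.2.56 NAME 'erADLastFailedLogin'
  DESC 'Data of last failed login attempt.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.
 15 SINGLE-VALUE X-ORIGIN 'user defined' )
olcObjectClasses: {0}( 1.3.6.1.4.1.99999.2.1 NAME 'exampleAccount' SUP top
  AUXILIARY MAY erADLastFailedLogin )
"""

def unfold(ldif_text):
    """Undo LDIF folding: a line starting with one space continues the previous."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]  # drop only the fold space, keep everything else
        else:
            lines.append(raw)
    return lines

def ldif_to_schema(ldif_text):
    """Return one OpenLDAP schema-file line per attribute type / object class."""
    out = []
    for line in unfold(ldif_text):
        name, sep, value = line.partition(":")
        keyword = KEYWORDS.get(name.strip().lower())
        if not sep or keyword is None:
            continue  # dn, cn, objectClass, comments and blank lines are dropped
        if value.startswith(":"):  # "attr:: <base64>" encoding of the value
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        value = re.sub(r"^\{\d+\}", "", value.strip())  # cn=config ordering prefix
        unquoted = re.sub(r"'[^']*'", "", value)  # ignore dots inside DESC text
        if not DEFINITION.match(value) or re.search(r"\.\s|\s\.", unquoted):
            raise ValueError(f"malformed {keyword} definition: {value!r}")
        out.append(f"{keyword} {value}")
    return out
```

Writing "\n".join(ldif_to_schema(text)) to a file gives the schema-file form the message describes; a ValueError points at a definition that was mis-merged before it reaches the server.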


Re: Re: Import custom schema from OpenLDAP

Posted by Fabrice Aupert <fa...@gmail.com>.
Hi Emmanuel,

Thanks for your answer.

> You should *urgently* switch to 2.4.
I was wrong actually. We're using OpenLdap 2.4.

> Can you provide the exported LDIF ?
See attached file. It contains quite a lot of attribute types and object
classes from a Sun LDAP server which our client uses. As we can't have this
proprietary LDAP server in our infrastructure, I made a first import into an
OpenLDAP server. Now we have to migrate to ApacheDS - for depressing
reasons I'd rather not explain here .

When I import this LDIF through Directory Studio :
- case  #1 : if dn: cn=client123, ou=schema already exists I get an error
message complaining about entry already existing...
- case #2 : otherwise, import log says everything went fine (see below) but
nothing really happened except for "dn: cn=client123, ou=schema" entry
being created
#!RESULT OK
#!CONNECTION ldap://host-client123:10389
#!DATE 2014-04-11T13:13:50.522
dn: cn=client123, ou=schema
objectclass: metaSchema
objectclass: top
cn: client123
attributeTypes: ...

What happens is that LDIF is imported in /var/lib/apacheds-2.0.0_M16
# find . -type f -exec grep -i usertim {} +
./default/partitions/schema/ou=schema/cn=client123.ldif:objectClasses: (
2.25.2548.9845.21360.100 NAME 'usertim' SUP 'inetOrgPerson' STR
So there is a ./default/partitions/schema/ou=schema/cn=client123.ldif file
but no ./default/partitions/schema/ou=schema/cn=client123 directory with
all the attributeTypes, objectClasses & co hierarchies.

Cheers.

Fabrice

Re: Import custom schema from OpenLDAP

Posted by Emmanuel Lécharny <el...@gmail.com>.
On 4/9/14 2:49 PM, Fabrice Aupert wrote:
> Hi,
>
> I'm trying to import a custom schema which used to live in an OpenLDAP
> server (v2.3). 

You should *urgently* switch to 2.4.

> This schema has its own dn (dn:
> cn={12}myclient123,cn=schema,cn=config.
>
> I've installed ApacheDS 2.0.0_M16, configured a new partition, named
> myclient123 with a dc=myclient123,dc=net suffix.
>
> Schema-wise I've created a new entry under ou=schema :
> cn=myclient123,ou=schema (via ldapadd and an export from Apache Directory
> Studio/Schema Editor). That's about everything I've managed to achieve :
>
> - Apache Directory Studio : I've tried to export the OpenLDAP schema as LDIF
> file, then failed to import this file into ApacheDS (getting various
> errors, fixing, getting another error, etc)

Can you provide the exported LDIF ?


-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com