[ldap]slapcat/ldapsearch与ldap备份

http://serverfault.com/questions/577356/ldap-backup-with-slapcat-vs-ldapsearch

Used: openldap-servers-2.4.23-34.el6_5.1.x86_64

Task: create script for crontab to create scheduled database full backup.

1) slapcat - create file in in the default format, Berkeley DB.

2) slapcat can be done while slapd running (if bdb/hdb database used).

3) To restore file after slapcat - must be used slapdd (not ldapadd).

4) slapcat/add doesn't require password.

5) slapadd can be done only when slapd stopped.

Example:

 $ slapcat -f /etc/openldap/slapd.conf -b "dc=db_1" -l db_1_backup.ldif
 $ slapadd -l db_1_backup.ldif

Instead of slapcat/add - let's took a look at ldapsearch/add:

1) ldapsearch - creates file with almost same information as slapcat;

2) ldapadd - can use file from ldapsearch, don't require slapd must be stopped;

3) ldapadd/search - require password.

Example:

 $ ldapsearch -D "cn=root,dc=db_1" -W -b "dc=db_1" "dc=db_1" -LLL > db_1_backup2.ldif
 $ ldapadd -x -D "cn=root,dc=db_1" -W -f db_1_backup2.ldif