http://serverfault.com/questions/577356/ldap-backup-with-slapcat-vs-ldapsearch
Used: openldap-servers-2.4.23-34.el6_5.1.x86_64
Task: create script for crontab
to create scheduled database full backup.
1) slapcat
- create file in in the default format, Berkeley DB.
2) slapcat
can be done while slapd
running (if bdb/hdb
database used).
3) To restore file after slapcat
- must be used slapdd
(not ldapadd
).
4) slapcat/add
doesn't require password.
5) slapadd
can be done only when slapd
stopped.
Example:
$ slapcat -f /etc/openldap/slapd.conf -b "dc=db_1" -l db_1_backup.ldif
$ slapadd -l db_1_backup.ldif
Instead of slapcat/add
- let's took a look at ldapsearch/add
:
1) ldapsearch
- creates file with almost same information as slapcat
;
2) ldapadd
- can use file from ldapsearch
, don't require slapd
must be stopped;
3) ldapadd/search
- require password.
Example:
$ ldapsearch -D "cn=root,dc=db_1" -W -b "dc=db_1" "dc=db_1" -LLL > db_1_backup2.ldif
$ ldapadd -x -D "cn=root,dc=db_1" -W -f db_1_backup2.ldif