Home / server / Questions / 818393
Accepted
notes-jj
Asked: 2016-12-03 08:23:48 +0800 CST

OpenLDAP: Convert AD-Schema from *.ldif to *.schema

  • 772

I'm running an OpenLDAP 2.4.44 with the module back_ldap as LDAP Proxy for MS-AD-Servers (see for details: openLDAP as proxy to Active Directory).

Now I need to add the schemata from AD-Server to the OpenLDAP-Server and I have exported the schemata from a MS-AD-Server with ldapsearch into a ldif-file (see for details: How can I fetch schema information from the server?).

Now I need to convert the ldif-format to a schema-format for OpenLDAP slapd.conf. It is not possible to load the ldif with ldapadd, because the OpenLDAP is running in proxy mode, so every request will be forwarded to MS-AD-Servers.

How do I convert the ldif-file to an schema file? Is there any tool. Or how to add a ldif-file to be loaded via slapd.conf.

active-directory openldap ldif

1 Answers

  1. Best Answer

    What you would need to do is to remove the attributes dn, cn and objectClass and replace all occurences of olcAttributeTypes: and olcObjectClasses: with attributetype and objectclass respectively.

    You can also do it via shell.

    One-liner on linux shell:

    sed '/^dn: /d;/^objectClass: /d;/^cn: /d;s/olcAttributeTypes:/attributetype/g;s/olcObjectClasses:/objectclass/g' file.ldif > file.schema

    Corresponding command in windows powershell:

    Get-Content file.ldif | Where { $_ -notmatch "^dn: " } | Where { $_ -notmatch "^objectClass: " } | Where { $_ -notmatch "^cn: " } | %{ $_ -replace "olcObjectClasses:", "objectclass" } | %{ $_ -replace "olcAttributeTypes:", "attributetype" } | Out-File file.schema
    • 4