On 09/10/2014 06:48 AM, Rob Crittenden wrote:
Ghiurea, Isabella wrote:
Hi Gurus, I would like to know how can I export only the objects definitons aka :roles, ac's definitons not the DS data content, we would like to be able have a copy of definition for development purpose. Thank you Isabella
So you want just the schema? You can get it online with:
ldapsearch -x -b cn=schema objectclasses attributetypes
If you are trying to use grep on this list, use
ldapsearch -xLLL -o ldif-wrap=no -b cn=schema objectclasses attributetypes
Role definitions are stored in entries that have a base objectclass of ldapSubEntry. Entries with ldapSubEntry are hidden by regular searches. You have to ask for them specifically e.g. '(|(objectclass=*)(objectclass=ldapSubEntry))'
If by "ac" you mean access control, these definitions are stored as operational attributes in entries. These operational attributes are also not returned by regular searches and must be requested specifically.
So your full ldapsearch would look something like this:
ldapsearch -xLLL -D "cn=directory manager" -W -b "dc=your,dc=domain" '(|(objectclass=*)(objectclass=ldapSubEntry))' * aci
Or you can look in /etc/dirsrv/slapd-YOURINSTANCE/schema
rob
389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users