I've been doing some testing with ldapadd and ldapmodify and what I noticed is:
- ldapadd will fail if the entry already exists:
=> hdb_tool_entry_put: txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30995)
ldapadd: could not add entry dn="mail=test1@example.org,ou=People,dc=example,dc=org" (line=1): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30995)
- ldapmodify will fail if the entry doesn't:
modifying entry "mail=test2@example.org,ou=People,dc=example,dc=org"
ldap_modify: No such object (32)
matched DN: ou=People,dc=example,dc=org
Therefore when restoring a backup on an existing database with some existing and some missing entries you can't just use either of these tools, you need to create a routine that:
- either deletes all the users that already exist in the database and are present in the backup and then imports using ldapadd.
- or converts the backup ldif file to be ldapmodify-compatible (add or modify depending on whether the user exists) and uses ldapmodify.
Q: Isn't there a tool that would take care of that for you?
Additional info: running OpenLDAP 2.4.21 on Ubuntu Server 10.04
Best Answer
You can either give the -a flag to ldapmodify or put the line changetype: add into your LDIF data if you add an entry, and changetype: modify to modify the entry.
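The conversion routine the question asks for, built on the changetype lines from the answer, as an added example that is not part of the original question or answer. The function names, the operational-attribute list and the sample LDIF are assumptions made for illustration, and the list of DNs already in the directory is assumed to have been collected beforehand with a search.

```python
import base64, re

# slapcat dumps carry operational attributes that a client may not write.
OPERATIONAL = {"structuralobjectclass", "entryuuid", "entrycsn", "creatorsname",
               "createtimestamp", "modifiersname", "modifytimestamp"}

def records(text):
    """Yield entries as lists of unfolded lines, without comments or version header."""
    text = re.sub(r"\Aversion:.*\n", "", text)        # optional "version: 1" header
    unfolded = re.sub(r"\r?\n ", "", text)            # join folded continuation lines
    for block in re.split(r"\n\s*\n", unfolded):
        rec = [l for l in block.splitlines() if l.strip() and not l.startswith("#")]
        if rec:
            yield rec

def norm_dn(dn_line):
    """Comparable DN from a 'dn:'/'dn::' line (simplified: no escaped-comma handling)."""
    value = dn_line.partition(":")[2]
    if value.startswith(":"):                         # "dn::" carries a base64 value
        value = base64.b64decode(value[1:]).decode("utf-8")
    return ",".join(part.strip() for part in value.lower().split(","))

def to_ldapmodify(backup_ldif, existing_dns):
    """Emit 'changetype: modify' for DNs in existing_dns and 'changetype: add' otherwise."""
    existing = {norm_dn("dn: " + dn) for dn in existing_dns}
    out = []
    for rec in records(backup_ldif):
        attrs = {}                                    # attribute name -> its value lines
        for line in rec[1:]:
            name = line.split(":", 1)[0]
            if name.lower() not in OPERATIONAL:
                attrs.setdefault(name, []).append(line)
        if norm_dn(rec[0]) in existing:
            out += [rec[0], "changetype: modify"]
            for name, lines in attrs.items():
                out += ["replace: " + name, *lines, "-"]
        else:
            out += [rec[0], "changetype: add"] + sum(attrs.values(), [])
        out.append("")
    return "\n".join(out)

# Constructed sample backup (not taken from the page's directory).
SAMPLE = """dn: mail=test1@example.org,ou=People,dc=example,dc=org
cn: Test One
entryUUID: 00000000-0000-0000-0000-000000000001

dn: mail=test2@example.org,ou=People,dc=example,dc=org
cn: Test Two
"""
```

The returned text can be fed to ldapmodify without the -a flag, since every record names its own changetype. A replace only overwrites attributes present in the backup, so attributes that exist in the directory but not in the backup are left in place.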