
OpenLDAP

If you have a simple setup with just one backend database, slapcat will produce a complete dump of your database for backup:

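# The output is gzip-compressed, so give it a matching extension.
# slapcat writes the database contents as stored, which normally includes
# userPassword hashes: keep the dump readable by the backup user only.
slapcat | gzip > backup.ldif.gz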

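For more elaborate setups with multiple backends, slapcat has to be run once per (local) backend, each time with that backend's base DN (suffix).
This script reads the slapd configuration, finds every bdb/hdb backend and dumps each one to its own file: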

#!/bin/bash

# Where slapd keeps its configuration: the classic single file and the
# directory-based layout. Which of the two exists is checked further down.
SLAPD_CONF="/etc/ldap/slapd.conf"
SLAPD_CONF_DIR="/etc/ldap/slapd.d"

# Target directory for the dumps: first command-line argument, else the default.
DEFAULT_BACKUP_PATH="/usr/local/backup/ldap_dumps"
BACKUP_PATH="${1:-${DEFAULT_BACKUP_PATH}}"

# With umask 0027 the dump files are created 0640: nothing for "other", but
# the owning group keeps read access.
# NOTE(review): slapcat output normally contains userPassword hashes; if no
# group needs to read the dumps, 0077 would be the tighter choice.
umask 0027

# Stop early when the target directory is missing or is not a directory.
[ -d "${BACKUP_PATH}/" ] || {
    echo "Error: \"${BACKUP_PATH}\" not found or not a directory." >&2
    exit 1
}

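#######################################
# Dump one backend database, selected by its suffix (base DN), into
# ${BACKUP_PATH}/dump.db<number>.ldif.bz2.
# Globals:   BACKUP_PATH (read)
# Arguments: $1 - suffix of the backend; surrounding double quotes are removed
#            $2 - database number used in the file name
# Outputs:   progress on stdout, error message on stderr
# Returns:   0 on success, 1 when slapcat or bzip2 failed
#######################################
dumpSuffix() {
    # local: do not leak into (or depend on) the caller's variables
    local suffix=${1//\"/}
    local number=$2
    local target="${BACKUP_PATH}/dump.db${number}.ldif.bz2"
    local partial="${target}.partial"
    local -a status

    echo -n " - ${suffix}"
    # Write to a side file first: a failed run must not replace the last good
    # dump with a truncated one.
    slapcat -b "${suffix}" | bzip2 > "${partial}"
    # The pipeline's own exit status is only bzip2's; check both stages.
    status=("${PIPESTATUS[@]}")
    if [ "${status[0]}" -ne 0 ] || [ "${status[1]}" -ne 0 ]; then
        rm -f -- "${partial}"
        echo " FAILED"
        echo "Error: dump of \"${suffix}\" failed (slapcat: ${status[0]}, bzip2: ${status[1]})." >&2
        return 1
    fi
    mv -f -- "${partial}" "${target}"
    echo "."
}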

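echo "searching for suffixes to dump"
# Set to 1 as soon as any backend could not be dumped; used as the exit status
# so that cron or a wrapper script notices an incomplete backup.
failed=0
if [ -r "${SLAPD_CONF}" ]; then
    # slapd.conf layout: each "database <type>" line opens a section, and the
    # "suffix <dn>" line inside it names the base DN to hand to slapcat.
    # NOTE(review): only bdb/hdb sections are dumped; other backend types
    # (e.g. mdb) are skipped - extend the test below if your directory uses them.
    dbNum=0
    pending=0       # 1 while inside a bdb/hdb section whose suffix is still unseen
    exec 3<"${SLAPD_CONF}"
    # IFS= and -r keep each line intact; "|| [ -n ... ]" also processes a last
    # line that has no trailing newline.
    while IFS= read -r line <&3 || [ -n "${line}" ]; do
        case "${line}" in
            database[[:space:]]*)
                # A new section starts: the previous one can no longer get a suffix.
                if [ "${pending}" -eq 1 ]; then
                    echo "Warning: database ${dbNum} has no suffix, skipped." >&2
                    failed=1
                fi
                dbNum=$(( dbNum + 1 ))
                read -r _ database _ <<< "${line}"
                if [ "${database}" == "bdb" ] || [ "${database}" == "hdb" ]; then
                    pending=1
                else
                    pending=0
                fi
                ;;
            suffix[[:space:]]*)
                if [ "${pending}" -eq 1 ]; then
                    # Keep everything after the keyword, so a quoted DN that
                    # contains spaces stays in one piece.
                    suffix=${line#suffix}
                    suffix=${suffix#"${suffix%%[![:space:]]*}"}   # trim leading whitespace
                    suffix=${suffix%"${suffix##*[![:space:]]}"}   # trim trailing whitespace
                    dumpSuffix "${suffix}" "${dbNum}" || failed=1
                    # One suffix is enough to select the database.
                    pending=0
                fi
                ;;
        esac
    done
    exec 3<&-       # close file descriptor
    if [ "${pending}" -eq 1 ]; then
        # End of file reached while still waiting for a suffix line.
        echo "Warning: database ${dbNum} has no suffix, skipped." >&2
        failed=1
    fi
elif [ -d "${SLAPD_CONF_DIR}" ]; then
    dbNum=0
    for conf in "${SLAPD_CONF_DIR}"/cn\=config/olcDatabase*; do
        # The glob may also match directories, and stays literal when nothing
        # matches; only regular files are database entries.
        [ -f "${conf}" ] || continue
        # only BDB/HDB databases
        # NOTE(review): olcMdbConfig entries are skipped by this filter.
        if grep -q -e '^objectClass: \(olcBdbConfig\|olcHdbConfig\)$' "${conf}"; then
            dbNum=$(( dbNum + 1 ))
            # First olcSuffix value, whole rest of the line (a DN may hold spaces).
            suffix=$(sed -n 's/^olcSuffix: //p' "${conf}" | head -n 1)
            if [ -z "${suffix}" ]; then
                echo "Warning: no plain olcSuffix value in \"${conf}\", skipped." >&2
                failed=1
                continue
            fi
            dumpSuffix "${suffix}" "${dbNum}" || failed=1
        fi
    done
else
    echo "ERROR - configuration not found." >&2
    exit 1
fi

# Non-zero when at least one backend was skipped or its dump failed.
exit "${failed}"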