• Contact Us
  • Home
  • Reference

Using slapadd

Harness the power of slapadd to efficiently add multiple entries to your LDAP database.

Written by Maryanne Normann

Updated at October 30th, 2024

  • Quick Start
  • Installation
    Best Practices Configuration Troubleshooting Design Performance Platform
  • Maintenance
    Releases Upgrade
  • Reference
+ More

Table of Contents

Using slapadd Overview Prerequisites Usage Syntax Step-by-Step Instructions Performance Considerations Troubleshooting Conclusion

Date: 10-11-2024

Using slapadd

Overview

The slapadd utility is part of OpenLDAP’s suite of tools for managing directory data. It allows administrators to add large amounts of data directly to an OpenLDAP database by bypassing the LDAP protocol itself. This makes it ideal for bulk imports or initial population of a database. However, because slapadd modifies the database files directly, it must be used with caution and when the LDAP server (slapd) is not running.

This article provides guidance on how to use slapadd to safely import LDIF files into an OpenLDAP database.

Backup Important Data: It is strongly recommended that you create a backup of your configuration before making changes: LDAP Database Backup. 

Prerequisites

Before using slapadd, ensure the following:

  • The OpenLDAP service (slapd) is stopped to prevent conflicts. slapadd writes directly to the database files, which could cause corruption if the service is running.
sudo systemctl stop slapd
  • You have the necessary administrative privileges to access the OpenLDAP database files and the configuration file (slapd.conf or slapd.d directory).
  • The LDIF file you plan to import is correctly formatted and validated.
  • The database backend has been properly set up.

Usage Syntax

The basic syntax of slapadd is:

slapadd <options>

Common Options:

  • -f <file>: Specify the configuration file (usually slapd.conf).
  • -F <directory>: Specify the configuration directory (usually /etc/openldap/slapd.d).
  • -n <dbnum>: Specify the database number to which the LDIF file should be added. The database number corresponds to the one defined in your configuration.
  • -l <file>: Specify the path to the LDIF file to be imported.
  • -q: Quick mode (bypasses database consistency checks for speed; use with caution).
  • -v: Enable verbose output for progress information.
  • -c: Continue on errors. Entries with errors are skipped, and processing continues with the next entry.

Step-by-Step Instructions

Step 1: Stopping the LDAP Server

Since slapadd modifies database files directly, make sure the LDAP server is not running:

sudo systemctl stop slapd

Step 2: Preparing the LDIF File

Ensure your LDIF file is well-formed and does not contain errors. This step is crucial to prevent issues during import.

Step 3: Running slapadd

Use slapadd to add entries from your LDIF file. The command syntax depends on whether you're using the slapd.conf or the slapd.d configuration directory.

If using slapd.conf:

sudo slapadd -f /etc/openldap/slapd.conf -l /path/to/file.ldif -n <dbnum>

If using the configuration directory (slapd.d):

sudo slapadd -F /etc/openldap/slapd.d -l /path/to/file.ldif -n <dbnum>

Example:

To add data from an LDIF file into database 1:

sudo slapadd -F /etc/openldap/slapd.d -l /tmp/data.ldif -n 1 -v

Step 4: Adjusting Permissions

After running slapadd, you may need to reset the permissions of the database files to ensure slapd can access them. Run the following:

sudo chown -R ldap:ldap /var/lib/openldap

Step 5: Starting the LDAP Server

Once the data has been successfully added, restart the LDAP server:

sudo systemctl start slapd

Performance Considerations

Quick Mode (-q): This option can speed up the import process, especially for large datasets, by skipping certain consistency checks. However, it should be used with caution as it might lead to database inconsistencies if the LDIF file is not well-formed.

Multiple Databases: If your configuration defines multiple databases, you need to use the -n option to specify the target database for the import.

Backup: Always back up your OpenLDAP database before running slapadd, especially when using the -q option.

Troubleshooting

Error: Database corruption: If slapadd fails due to a corrupted database, restore from a backup or use the slapcat utility to export the database before attempting a re-import.

Permission errors: Ensure that the OpenLDAP database files are owned by the correct user and group (ldap:ldap).

Server fails to start: Verify the integrity of your database files and the configuration files if slapd fails to start after using slapadd.

Conclusion

slapadd is a powerful utility for importing large amounts of data into OpenLDAP databases efficiently. Ensure the LDAP server is stopped before use and the LDIF file is well-formed to avoid issues. Following the best practices outlined in this article will help you successfully add data to your OpenLDAP database.

For further assistance, please contact Symas support.

 

 

 

Copyright © 2020-2024 Symas Corporation. All rights reserved.
utility slapadd openldap ldif import bulk data slapd symas

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Using OpenLDAP with gitea
  • Using OpenLDAP with ergo
  • General slapd Operations
  • Using OpenLDAP with DEX
  • Symas Blog RSS Feed
  • Symas on Facebook
  • Symas on Twitter
  • Symas Blog
  • Symas on LinkedIn
  • Symas YouTube Channel

Copyright © 2023, Symas Corporation. All rights reserved. Privacy Statement (updated July 31, 2023)

Phone:

Main Office: +1.650.963.7601
Fax: +1.650.390.6284

Email:

Sales: sales@symas.com
Support: support@symas.com

Office Hours:

8:00 AM - 5:00 PM ET

Office Location:

Symas Corporation
PO Box 391
Grand Junction, CO 81507 USA

Expand