14.8. Migrating Directories from Earlier Releases

Beginning with the release of Red Hat Linux 9, OpenLDAP uses Sleepy Cat Software's Berkeley DB system as its on-disk storage format for directories. Earlier versions of OpenLDAP used GNU Database Manager (gdbm). For this reason, before upgrading an LDAP implementation to Red Hat Enterprise Linux 3 from Red Hat Enterprise Linux 2.1 or Red Hat Linux 7.x through 8, perform the following steps:

  1. Before upgrading the operating system, run the command /usr/sbin/slapcat -l ldif-output. This outputs an LDIF file called ldif-output containing the entries from the LDAP directory.

  2. Upgrade the operating system, being careful not to reformat the partition containing the LDIF file.

  3. Re-import the LDAP directory to the upgraded Berkeley DB format by executing the command /usr/sbin/slapadd -l ldif-output.

ImportantImportant
 

If an LDAP directory is not exported before upgrading to Red Hat Enterprise Linux 3 from Red Hat Enterprise Linux 2.1 or Red Hat Linux 7.x through 8, use the command /usr/sbin/slapcat-gdbm -l ldif-output to extract the older directory (replacing ldif-output with the file name for the LDIF output). This command creates an LDIF file suitable for importing with the slapadd command.

14.8.1. Migrating 1.x Directories

Beginning with Red Hat Linux 7.1, the on-disk storage format used by the slapd LDAP server changed to gdbm. If upgrading an LDAP directory from a system that ran Red Hat Linux 7 or earlier, it is necessary to extract the existing LDAP directories to an LDIF file using the following command:

ldbmcat -n > <ldif_file>

In the above command, change <ldif_file> to the name of the output file. Next type the following command to import this file:

slapadd -l <ldif_file>

ImportantImportant
 

Only the root user may use /usr/sbin/slapadd. However, the directory server runs as the ldap user. Therefore the directory server is unable to modify any files created by slapadd. To correct this issue, after using slapadd, type the following command:

chown -R ldap /var/lib/ldap