On 09/10/2014 06:48 AM, Rob Crittenden wrote:
Ghiurea, Isabella wrote:
Hi Gurus,
I would like to know how can I export only the objects definitons aka
:roles, ac's definitons not the DS data content, we would like to be
able have a copy of definition for development purpose.
Thank you
Isabella
So you want just the schema? You can get it online with:
ldapsearch -x -b cn=schema objectclasses attributetypes
If you are trying to use grep on this list, use
ldapsearch -xLLL -o ldif-wrap=no -b cn=schema objectclasses attributetypes
Role definitions are stored in entries that have a base objectclass of
ldapSubEntry. Entries with ldapSubEntry are hidden by regular
searches. You have to ask for them specifically e.g.
'(|(objectclass=*)(objectclass=ldapSubEntry))'
If by "ac" you mean access control, these definitions are stored as
operational attributes in entries. These operational attributes are
also not returned by regular searches and must be requested specifically.
So your full ldapsearch would look something like this:
ldapsearch -xLLL -D "cn=directory manager" -W -b "dc=your,dc=domain"
'(|(objectclass=*)(objectclass=ldapSubEntry))' \* aci
Or you can look in /etc/dirsrv/slapd-YOURINSTANCE/schema
rob
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
