# $OpenLDAP$
-# Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.
+# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved.
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
H1: Database Creation and Maintenance Tools
This section tells you how to create a slapd database from scratch,
and how to do trouble shooting if you run into problems. There are
two ways to create a database. First, you can create the database
-on-line using LDAP. With this method, you simply start up slapd
+on-line using {{TERM:LDAP}}. With this method, you simply start up slapd
and add entries using the LDAP client of your choice. This method
is fine for relatively small databases (a few hundred or thousand
entries, depending on your requirements). This method works for
database types which support updates.
The second method of database creation is to do it off-line using
-special utilities provided with slapd. This method is best if you
+special utilities provided with {{slapd}}(8). This method is best if you
have many thousands of entries to create, which would take an
unacceptably long time using the LDAP method, or if you want to
ensure the database is not accessed while it is being created. Note
-that not all database types support these utilitites.
+that not all database types support these utilities.
H2: Creating a database over LDAP
You should set this to the DN of the root of the subtree you are
trying to create. For example:
-> suffix "dc=example, dc=com"
+> suffix "dc=example,dc=com"
You should be sure to specify a directory where the index files
should be created:
For example:
-> directory /usr/local/var/openldap-ldbm
+> directory /usr/local/var/openldap-data
You need to create this directory with appropriate permissions such
that slapd can write to it.
For example:
-> rootdn "cn=Manager, dc=example, dc=com"
+> rootdn "cn=Manager,dc=example,dc=com"
> rootpw secret
These options specify a DN and password that can be used to
{{EX:objectclass}} attributes, the following {{EX:index}} directives
could be used:
-> index cn,sn,uid
-> index objectClass pres,eq
+> index cn,sn,uid pres,eq,approx,sub
+> index objectClass eq
+
+This would create presence, equality, approximate, and substring
+indices for the {{EX:cn}}, {{EX:sn}}, and {{EX:uid}} attributes and
+an equality index for the {{EX:objectClass}} attribute. Note that
+not all index types are available with all attribute types. See
+{{SECT:The slapd Configuration File}} section for more information
+on this option.
-See {{SECT:The slapd Configuration File}} section for more details on
-this option. Once you have configured things to your liking, start up
-slapd, connect with your LDAP client, and start adding entries. For
-example, to add an organization entry and an organizational role entry
-using the {{I:ldapadd}} tool, you could create an {{TERM:LDIF}} file
-called {{EX:entries.ldif}} with the contents:
+Once you have configured things to your liking, start up slapd,
+connect with your LDAP client, and start adding entries. For
+example, to add an organization entry and an organizational role
+entry using the {{I:ldapadd}} tool, you could create an {{TERM:LDIF}}
+file called {{EX:entries.ldif}} with the contents:
> # Organization for Example Corporation
-> dn: dc=example, dc=com
+> dn: dc=example,dc=com
> objectClass: dcObject
> objectClass: organization
> dc: example
> description: The Example Corporation
>
> # Organizational Role for Directory Manager
-> dn: cn=Manager, dc=example, dc=com
+> dn: cn=Manager,dc=example,dc=com
> objectClass: organizationalRole
> cn: Manager
> description: Directory Manager
You should set this to the DN of the root of the subtree you are
trying to create. For example:
-> suffix "dc=example, dc=com"
+> suffix "dc=example,dc=com"
You should be sure to specify a directory where the index files
should be created:
For example:
-> directory /usr/local/var/openldap-ldbm
+> directory /usr/local/var/openldap-data
-Finally, you need to specify which indexes you want to build. This
+Finally, you need to specify which indices you want to build. This
is done by one or more index options.
> index {<attrlist> | default} [pres,eq,approx,sub,none]
For example:
-> index cn,sn,uid pres,eq,approx
+> index cn,sn,uid pres,eq,approx,sub
> index objectClass eq
-This would create presence, equality and approximate indexes for
-the {{EX:cn}}, {{EX:sn}}, and {{EX:uid}} attributes and an equality
-index for the {{EX:objectClass}} attribute. See the configuration
-file section for more information on this option.
+This would create presence, equality, approximate, and substring
+indices for the {{EX:cn}}, {{EX:sn}}, and {{EX:uid}} attributes and
+an equality index for the {{EX:objectClass}} attribute. Note that
+not all index types are available with all attribute types. See
+{{SECT:The slapd Configuration File}} section for more information
+on this option.
H3: The {{EX:slapadd}} program
Once you've configured things to your liking, you create the primary
-database and associated indexes by running the {{slapadd}}(8)
+database and associated indices by running the {{slapadd}}(8)
program:
> slapadd -l <inputfile> -f <slapdconfigfile>
> -l <inputfile>
-Specifies the LDIF input file containing the entries to add in text
-form (described below in the {{SECT:The LDIF text entry format}}
-section).
+Specifies the {{TERM:LDIF}} input file containing the entries to
+add in text form (described below in the {{SECT:The LDIF text entry
+format}} section).
> -f <slapdconfigfile>
Specifies the slapd configuration file that tells where to create
-the indexes, what indexes to create, etc.
+the indices, what indices to create, etc.
+
+> -F <slapdconfdirectory>
+
+Specifies a config directory. If both {{EX:-f}} and {{EX:-F}} are specified,
+the config file will be read and converted to config directory format and
+written to the specified directory. If neither option is specified, an attempt
+to read the default config directory will be made before trying to use the
+default config file. If a valid config directory exists then the default
+config file is ignored. If dryrun mode is also specified, no conversion will occur.
> -d <debuglevel>
An optional argument that specifies which database to modify. The
first database listed in the configuration file is {{EX:1}}, the
-second {{EX:2}}, etc. By default, the first ldbm database in the
+second {{EX:2}}, etc. By default, the first database in the
configuration file is used. Should not be used in conjunction with
{{EX:-b}}.
where {{EX:-n}} or {{EX:-b}} is used to select the database in the
{{slapd.conf}}(5) specified using {{EX:-f}}. The corresponding
-LDIF output is written to standard output or to the file specified
-using the {{EX:-l}} option.
+{{TERM:LDIF}} output is written to standard output or to the file
+specified using the {{EX:-l}} option.
!if 0
A line may be continued by starting the next line with a {{single}}
space or tab character. For example:
-> dn: cn=Barbara J Jensen, dc=example, dc=
+> dn: cn=Barbara J Jensen,dc=example,dc=
> com
> cn: Barbara J
> Jensen
is equivalent to:
-> dn: cn=Barbara J Jensen, dc=example, dc=com
+> dn: cn=Barbara J Jensen,dc=example,dc=com
> cn: Barbara J Jensen
Multiple attribute values are specified on separate lines. e.g.,
For example, the following specifies the {{EX:jpegPhoto}} value
should be obtained from the file {{F:/path/to/file.jpeg}}.
-> cn:< file://path/to/file.jpeg
+> cn:< file:///path/to/file.jpeg
Multiple entries within the same LDIF file are separated by blank
lines. Here's an example of an LDIF file containing three entries.
> # Barbara's Entry
-> dn: cn=Barbara J Jensen, dc=example, dc=com
+> dn: cn=Barbara J Jensen,dc=example,dc=com
> cn: Barbara J Jensen
> cn: Babs Jensen
> objectClass: person
> sn: Jensen
>
> # Bjorn's Entry
-> dn: cn=Bjorn J Jensen, dc=example, dc=com
+> dn: cn=Bjorn J Jensen,dc=example,dc=com
> cn: Bjorn J Jensen
> cn: Bjorn Jensen
> objectClass: person
> ERXRTc4UG1RV19iZ2hnPk1xeXBkeFxlZ2P/2wBDARESEhgVG
>
> # Jennifer's Entry
-> dn: cn=Jennifer J Jensen, dc=example, dc=com
+> dn: cn=Jennifer J Jensen,dc=example,dc=com
> cn: Jennifer J Jensen
> cn: Jennifer Jensen
> objectClass: person
> sn: Jensen
> # JPEG photo from file
-> jpegPhoto:< file://path/to/file.jpeg
+> jpegPhoto:< file:///path/to/file.jpeg
Notice that the {{EX:jpegPhoto}} in Bjorn's entry is base 64 encoded
and the {{EX:jpegPhoto}} in Jennifer's entry is obtained from the