[CentOS] Please help -- centos 5.8: does the slapcat still breaks ldap data integrity?

Tue Nov 13 09:31:24 UTC 2012
Leon Fauster <leonfauster at googlemail.com>

Am 13.11.2012 um 08:45 schrieb Gelen James:
> Hi all,
> 
>  I've a small project to backup and restore openldap servers online on centos 5.8. Basically I don't have the luxury to shutdown the ldap server, then backup whole /var/lib/ldap/, but have to backup online with slapcat or similar command line tool.
> 
> The major concern of using slapcat is the warning below, which was excerpt from link http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-ldap-daemonsutils.html
> 
> You must stop slapd by issuing the /sbin/service ldap stop command before using slapadd, slapcat or slapindex. Otherwise, the integrity of the LDAP directory is at risk.
> Does the limitation of slapcat -- stop ldap first -- still exist? Please shed a light onto this. Thanks.



for the "online" backup i suggest 

export DESTBACKUPFILE=$(date +%Y%m%d).ldif

ldapsearch -x -b dc=example,dc=com -D cn=manager,dc=example,dc=com -w $(cat /etc/ldap.secret) > "$DESTBACKUPFILE"

--
LF