mail us  |  mail this page

contact us
training  | 
tech stuff  | 

Appendix A - OpenLDAP Avoiding Starting Again

The following notes may be useful when working with OpenLDAP they describe what you can and cannot do without ripping everything up and starting again.

What you can do

You can do any of the following things using an operational directory and without junking it and starting again - it is not necessary to get this stuff right at the beginning:

  1. Add new entries - really! Using ldapadd with a running directory or slapadd with OpenLDAP (slapd) stopped.

  2. You can add a new objectclasses of type AUXILLIARY to existing entries i.e. you can add posixaccount to an existing entry with, say, inetorgperson.

  3. You can add a new objectclasses of type STRUCTURAL to existing entries IF and ONLY IF it has a SUP (parent) which is already contained in the entry e.g. you can add inetorgperson to an existing entry with, say, person but you cannot add account in the same circumstances because it has a SUP of top and would create a second STRUCTURAL object class hierarchy in the entry - which is now strictly verboten.

What you can't do

You CANNOT do any of the following things using an operational directory. If you get any of this stuff wrong it will hurt - maybe badly, maybe not:

Starting all over again

Darkness has descended on the world. You have a major structuring problem on your hands and you need to start again. First thing to do is panic! Then do some thinking.

  1. Export the whole directory as a text LDIF file. Because LDIF files are pure text you can write some simple scripts to manipulate the entire directory.

  2. Stop OpenLDAP (slapd). Go to the directory defined in your database of slapd.conf and delete everything in the directory.

  3. Sart OpenLDAP (slapd). Use ldapadd to import your modified LDIF file back into the directory.

Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.


tech info
guides home
1 objectives
big picture
2 concepts
3 ldap objects
4 install ldap
5 samples
6 configuration
7 replica & refer
8 ldif
9 protocol
10 ldap api
11 howtos
12 trouble
13 performance
14 ldap tools
15 security
notes & info
ldap resources
rfc's & x.500
ldap objects
change log

Creative Commons License
This work is licensed under a Creative Commons License.

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox


Share Page

share page via facebook tweet this page submit page to stumbleupon submit page to

Page Features

Page comment feature Send to a friend feature print this page Decrease font size Increase font size

RSS Feed Icon RSS Feed



Debian Linux


GNU-Free SW Foundation


Open Source Initiative
Creative Commons


Ibiblio - Library
Open Book Project
Open Directory

SPF Resources

Draft RFC
SPF Web Site
SPF Testing
SPF Testing (member only)


CSS Technology SPF Record Conformant Domain
Copyright © 1994 - 2024 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
hosted by
web-master at zytrax
Page modified: February 04 2022.