Red Hat Training

A Red Hat training course is available for Red Hat Directory Server

6.2. Exporting Data

LDAP Data Interchange Format (LDIF) files are used to export database entries from the Directory Server databases. LDIF is a standard format described in RFC 2849, The LDAP Data Interchange Format (LDIF) - Technical Specification.
Exporting data can be useful for the following:
  • Backing up the data in the database.
  • Copying data to another Directory Server.
  • Exporting data to another application.
  • Repopulating databases after a change to the directory topology.
For example, if a directory contains one database, and its contents are split into two databases, then the two new databases receive their data by exporting the contents of the old databases and importing it into the two new databases, as illustrated in Figure 6.1, “Splitting a Database Contents into Two Databases”.

Note

The export operations do not export the configuration information (cn=config), schema information (cn=schema), or monitoring information (cn=monitor).
Splitting a Database Contents into Two Databases

Figure 6.1. Splitting a Database Contents into Two Databases

The Directory Server Console or command-line utilities can be used to export data.

Warning

Do not stop the server during an export operation.

6.2.1. Exporting Directory Data to LDIF Using the Console

Some or all of directory data can be exported to LDIF, depending upon the location of the final exported file. When the LDIF file is on the server, only the data contained by the databases local to the server can be exported. If the LDIF file is remote to the server, all of the databases and database links can be exported.
Export operations can be run to get data from a server instance that is local to the Directory Server Console or from a different host machine (a remote export operation).
Export directory data to LDIF from the Directory Server Console while the server is running:
  1. Select the Tasks tab. Scroll to the bottom of the screen, and click Export Database(s).
    Alternatively, select the Configuration tab and click the Export from the Console menu.
  2. Enter the full path and filename of the LDIF file in the LDIF File field, or click Browse to locate the file.
    Browse is not enabled if the Console is running on a remote server. When the Browse button is not enabled, the file is stored in the default directory, /var/lib/dirsrv/slapd-instance/ldif.
  3. If the Console is running on a machine remote to the server, two radio buttons are displayed beneath the LDIF File field.
    • Select To local machine to export the data to an LDIF file on the machine from which the Console is running.
    • Select To server machine to export to an LDIF file located on the server's machine.
  4. To export the whole directory, select the Entire database radio button.
    To export only a single subtree of the suffix contained by the database, select the Subtree radio button, and then enter the name of the suffix in the Subtree text box. This option exports a subtree that is contained by more than one database.
    Alternatively, click Browse to select a suffix or subtree.

6.2.2. Exporting a Single Database to LDIF Using the Console

It is also possible to export a single database to LDIF. Do the following while the server is running:
  1. Select the Configuration tab.
  2. Expand the Data tree in the left navigation pane. Expand the suffix, and select the database under the suffix.
  3. Right-click the database, and select Export Database.
    Alternatively, select Export Database from the Object menu.
  4. In the LDIF file field, enter the full path to the LDIF file, or click Browse.
    When the Browse button is not enabled, the file is stored in the default directory, /var/lib/dirsrv/slapd-instance/ldif.

6.2.3. Exporting a Database to LDIF Using the Command Line

Directory Server supports the following ways to export data into LDIF files:

6.2.3.1. Exporting a Database While Directory Server is Running

To export a database while Directory Server is running, create an export task. You can either use the db2ldif.pl script to create it or create the task manually. After the task is completed, Directory Server automatically removes the task entry from the cn=export,cn=tasks,cn=config entry.
For a comparison of which db2ldif.pl command-line option sets which attribute in the task entry, see the Red Hat Directory Server Configuration, Command, and File Reference.
6.2.3.1.1. Exporting a Database Using the db2ldif.pl Script
The db2ldif.pl script creates a task to export a database while Directory Server is running. For example, to export the userRoot database: 
# db2ldif.pl -Z instance_name -D "cn=Directory Manager" -w - -n userRoot
By default, the script stores the exported data in the /var/lib/dirsrv/slapd-instance_name/ldif/ directory. The created file is named instance_name-database_or_suffix_name-time_stamp.ldif. Alternatively, you can pass the -a file_name option to the script to set a different location. Note that the Directory Server user requires write permissions in the destination directory.
For details about the available command-line options, see the description of the script in the Red Hat Directory Server Configuration, Command, and File Reference.
To export an encrypted database, see Section 10.7, “Exporting and Importing an Encrypted Database”.
6.2.3.1.2. Manually Creating an Export Task
Instead of using the db2ldif.pl script to create an export task, you can create the task entry manually. For example, to create a task that exports the userRoot database to the /tmp/export.ldif file: 
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x

dn: cn=task_name,cn=export,cn=tasks,cn=config
objectclass: extensibleObject
cn: task_name
nsInstance: userRoot
nsFilename: /tmp/export.ldif
For a list of settings which you can use in export task entries, see the Red Hat Directory Server Configuration, Command, and File Reference.

6.2.3.2. Exporting a Database While Directory Server is Stopped

To export a database while the Directory Server instance is stopped, use the db2ldif script. The script takes the same options as the db2ldif.pl script, which can export data while the instance is running.
For example, to export the userRoot database while the instance is stopped: 
# db2ldif -Z instance_name -n userRoot
By default, the script stores the exported data in the /var/lib/dirsrv/slapd-instance_name/ldif/ directory. The created file is named instance_name-database_or_suffix_name-time_stamp.ldif. Alternatively, you can pass the -a file_name option to the script to set a different location. Note that the Directory Server user requires write permissions in the destination directory.
For details about the available command-line options, see the description of the script in the Red Hat Directory Server Configuration, Command, and File Reference.