LinuxCommandLibrary

oLschema2ldif

Convert OpenLDAP schema to LDIF format

SYNOPSIS

oLschema2ldif [OPTIONS]

PARAMETERS

-q
    
Quiet mode. Suppresses informational messages during the conversion process, showing only errors or critical output.

-n
    
Dry run. Parses the schema files and performs syntax checks but does not produce any LDIF output. This is useful for validating the syntax and consistency of schema definitions without actually generating output.

<schemafile ...>
    
One or more paths to OpenLDAP schema definition files. The command will read and convert these files into LDIF entries. These are typically standard text files defining attribute types and object classes.

DESCRIPTION

oLschema2ldif is an OpenLDAP utility designed to convert traditional OpenLDAP schema definition files (often ending in .schema and typically found in /etc/openldap/schema) into LDIF (LDAP Data Interchange Format) entries.
These LDIF entries are specifically formatted for use with the cn=config dynamic configuration system introduced in OpenLDAP 2.4. The command parses attribute types and object classes defined in the input schema files and generates corresponding olcAttributeTypes and olcObjectClasses entries, complete with the necessary LDAP object identifiers (OIDs) and syntax definitions.
This conversion is crucial for administrators wishing to extend or update an OpenLDAP server's schema by adding these LDIF entries to the cn=config database, often using tools like ldapadd or ldapmodify, without requiring a service restart.

CAVEATS

The output LDIF is specifically designed for OpenLDAP's cn=config format and may not be directly compatible with older slapd.conf based schema configurations or other LDAP server implementations. Ensure the input schema files adhere to OpenLDAP's schema syntax rules for successful conversion. The order of schema files might be important if there are inter-dependencies between them.

OUTPUT FORMAT

The command produces LDIF entries formatted specifically for the cn=config backend. These entries include olcAttributeTypes and olcObjectClasses definitions, suitable for being added to the cn=schema,cn=config branch of your OpenLDAP directory. Each schema element is typically assigned an index (e.g., cn={0}core, cn={1}cosine) to maintain ordering and uniqueness within the cn=config hierarchy.

TYPICAL USAGE

After converting schema files, the generated LDIF is usually piped to ldapadd or redirected to a file for later import.

Example:
oLschema2ldif core.schema cosine.schema > /tmp/my_schemas.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/my_schemas.ldif
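
A pre-import check for the generated file, as an added example that is not part of the original page or of the OpenLDAP project. It flags anything in the LDIF other than plain schema entries under cn=schema,cn=config before the file is handed to ldapadd. The function names, the sample LDIF and the OIDs in it are constructed for illustration.

```python
import re

# Lines expected in a cn=config schema entry ("version" is the LDIF header line).
ALLOWED = {"version", "dn", "objectclass", "cn", "olcattributetypes",
           "olcobjectclasses", "olcobjectidentifier", "olcldapsyntaxes"}
SCHEMA_DN = re.compile(r"^cn=(\{\d+\})?[A-Za-z0-9_.-]+,cn=schema,cn=config$", re.I)

# Constructed samples: GOOD is a schema-only entry, BAD appends a non-schema change.
GOOD = """dn: cn={0}example,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {0}example
olcAttributeTypes: {0}( 1.3.6.1.4.1.99999.1.1 NAME 'exampleAttr'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
olcObjectClasses: {0}( 1.3.6.1.4.1.99999.2.1 NAME 'exampleObject'
  SUP top AUXILIARY MAY exampleAttr )
"""
BAD = GOOD + "\ndn: cn=config\nchangetype: modify\nreplace: olcLogLevel\nolcLogLevel: stats\n"

def unfold(text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def check_schema_ldif(text):
    """Return a list of findings; an empty list means nothing unexpected was seen."""
    findings, dn = [], None
    for line in unfold(text):
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        attr = name.strip().lower()
        if value.startswith(":"):  # "attr:: ..." carries a base64 value
            findings.append(f"{dn}: {attr} is base64-encoded, decode before review")
            continue
        value = value.strip()
        if attr == "dn":
            dn = value
            if not SCHEMA_DN.match(value):
                findings.append(f"{value}: entry is outside cn=schema,cn=config")
        elif attr not in ALLOWED:
            findings.append(f"{dn}: unexpected attribute {attr}")
        elif attr == "objectclass" and value.lower() != "olcschemaconfig":
            findings.append(f"{dn}: unexpected objectClass {value}")
    return findings
```

Run check_schema_ldif over the contents of the generated file and import it only when the returned list is empty.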

HISTORY

oLschema2ldif is an integral part of the OpenLDAP project, which began as an open-source implementation of the LDAP protocol in the late 1990s. The command's necessity arose significantly with the introduction of cn=config in OpenLDAP 2.4. Prior to this, schema definitions were typically managed via static text files referenced in the slapd.conf configuration. cn=config revolutionized OpenLDAP management by allowing the entire server configuration, including schema, to be managed dynamically via LDAP operations. oLschema2ldif was developed to bridge the gap, enabling the vast existing base of static schema files to be easily converted into the new LDIF format required by cn=config, facilitating a smoother transition and continued use of standard schema definitions within the dynamic configuration framework.

SEE ALSO

ldapadd(1), ldapmodify(1), slapadd(8), slapcat(8), slapd(8)
