How to copy LDAP records from one OpenDJ server to another
To copy the LDAP records from one OpenDJ server to another (e.g. after a clean install), first copy the required LDAP schema files, then the LDAP directory data:
Make sure the target OpenDJ server is created with a base DN (also called suffix or naming context) that matches the base DN of the source OpenDJ server.
The base DN chosen at setup can be displayed with the following command, where it appears under the userRoot backend ID:
$ opendj/bin/list-backends
Backend ID     : Base DN
---------------:--------------------
adminRoot      : cn=admin data
ads-truststore : cn=ads-truststore
backup         : cn=backups
config         : cn=config
monitor        : cn=monitor
schema         : cn=schema
tasks          : cn=tasks
userRoot       : "dc=wonderland,dc=net"
The target LDAP server must be stopped before new schemas can be installed:
Copy the following schema files from the source OpenDJ server:
opendj/config/schema/90-srp.ldif
opendj/config/schema/91-oidc-client.ldif
opendj/config/schema/92-oidc-authz.ldif
to the opendj/config/schema directory of the target OpenDJ server.
Note that the source OpenDJ server may be running or offline.
Export the LDAP records from the source OpenDJ server to a standard LDIF file:
$ opendj/bin/export-ldif -n userRoot -l records.ldif
You can check the export-ldif manual for additional options.
Import the LDIF record dump into the target server:
$ opendj/bin/import-ldif -n userRoot -l records.ldif
You can check the import-ldif manual for additional options.
Start the LDAP server with
To browse and edit the contents of an LDAP directory we recommend the excellent Apache Directory Studio.
Please note that the persisted LDAP data used by a running Connect2id Server should not be modified directly with an LDAP tool:
The changes will most likely not be seen due to the Connect2id Server's caching of data;
You also run the risk of corrupting the data as the LDAP record values are not checked by the server.
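The procedure above depends on the exported records sitting under the same base DN as the target's userRoot backend. The following added example (not part of the original page and not an OpenDJ tool) checks an LDIF export for entries outside a given base DN before it is imported. The function names and the sample LDIF are constructed for illustration, and the DN comparison is simplified on the assumption that RDN values contain no escaped commas.

```python
import base64

def ldif_dns(text):
    """Yield each entry DN from LDIF text, unfolding continuation lines
    and decoding base64 ("dn::") values as RFC 2849 describes."""
    unfolded = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]   # a leading space continues the previous line
        else:
            unfolded.append(line)
    for line in unfolded:
        if line.lower().startswith("dn::"):
            yield base64.b64decode(line[4:].strip()).decode("utf-8")
        elif line.lower().startswith("dn:"):
            yield line[3:].strip()

def normalise(dn):
    """Simplified DN normalisation: lower-case and trim spaces around RDNs.
    Assumption: no escaped commas inside RDN values."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def entries_outside_base(text, base_dn):
    """Return the DNs that are neither the base DN nor below it."""
    base = normalise(base_dn)
    outside = []
    for dn in ldif_dns(text):
        n = normalise(dn)
        if n != base and not n.endswith("," + base):
            outside.append(dn)
    return outside

# Constructed sample export: one folded DN, one base64 DN under another suffix.
_B64_DN = base64.b64encode(b"uid=bob,ou=people,dc=example,dc=com").decode()
SAMPLE_LDIF = f"""version: 1

dn: dc=wonderland,dc=net
objectClass: domain

dn: ou=clients, DC=Wonderland,dc=net
objectClass: organizationalUnit

dn: uid=alice,ou=people,dc=wonder
 land,dc=net
objectClass: inetOrgPerson

dn:: {_B64_DN}
objectClass: inetOrgPerson
"""

if __name__ == "__main__":
    print(entries_outside_base(SAMPLE_LDIF, "dc=wonderland,dc=net"))
```

To check a real export, pass the contents of records.ldif and the base DN shown for userRoot by list-backends; an empty result means every entry lies under that base DN.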