LDAP database management tools

Creating a database over LDAP

With this method, you use the LDAP client of your choice (for example, the ldapadd(1ldap) tool) to add entries, just like you would once the database is created. You should be sure to set the following configuration options before starting slapd:

   suffix    dn
This option says what entries are to be held by this database. You should set this to the DN of the root of the subtree you are trying to create. For example:
   suffix    "o=Antbear, Lucid & Popp, c=US"
You should be sure to specify a directory where the index files should be created:
   directory  directory
For example:
   directory  /usr/local/antbear-slapd
You must be able to connect to slapd as a user with permission to add entries. This is done through the following two options in the database definition:
   rootdn    dn
   rootpw    passwd
These options specify a DN and password that can be used to authenticate as the root user entry of the database (that is, the entry allowed to do anything). The DN and password specified here will always work, regardless of whether the entry named actually exists or has the password given. This solves the chicken-and-egg problem of how to authenticate and add entries before any entries exist.

Finally, you should make sure that the database definition contains the index definitions you want:

   index    {attrlist | default} [pres,eq,approx,sub,none]
For example, to index the cn, sn, uid and objectclass attributes the following index configuration lines could be used:
   index    cn,sn,uid
   index    objectclass    pres,eq
   index    default none
See ``The LDAP configuration file'' for more details on this option.

Once you have configured things to your liking, start up slapd, connect with your LDAP client, and start adding entries. For example, to add a company entry followed by an Ichthyologist entry using the ldapadd tool, you could create a file called /tmp/newentry with the following contents:
   o=Antbear, Lucid & Popp, c=US
   objectClass=organization
   o=Antbear, Lucid & Popp
   description=Antbear, Lucid & Popp, odd people to do business with

   cn=Ichthyologist, o=Antbear, Lucid & Popp, c=US
   objectClass=organizationalRole
   cn=Ichthyologist
   description=Antbear, Lucid & Popp ichthyologist - ichthy@antbear.com

Then use a command like the following to actually create the entry:

ldapadd -f /tmp/newentry -D "cn=Director, o=Antbear, Lucid & Popp, \
c=US" -w secret

The above command assumes that you have set rootdn to ``cn=Director, o=Antbear, Lucid & Popp, c=US'' and rootpw to ``secret''.
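
The pre-flight check below is an added example, not part of the original UnixWare documentation. It reads a database definition and reports options from the list above that are missing, index types outside the set shown in the index syntax, and a rootpw held in a file that group or other users can access. The function names, the rootdn-under-suffix check and the sample definition are assumptions of this example.

```python
import os, shlex, stat, tempfile
REQUIRED = ("suffix", "directory", "rootdn", "rootpw")  # options this page says to set
INDEX_TYPES = {"pres", "eq", "approx", "sub", "none"}   # index types listed on this page

def norm_dn(dn):
    # Compare DNs case-insensitively, ignoring spaces around commas.
    return ",".join(p.strip().lower() for p in dn.split(","))

def audit(path):
    """Return findings for one database definition file (empty list = clean)."""
    opts, findings = {}, []
    with open(path) as fh:
        for n, line in enumerate(fh, 1):
            words = shlex.split(line, comments=True)
            if not words:
                continue
            key, args = words[0].lower(), words[1:]
            if key == "index":
                bad = set(",".join(args[1:]).split(",")) - INDEX_TYPES - {""}
                if bad:
                    findings.append(f"line {n}: unknown index type {sorted(bad)}")
            elif args:
                opts[key] = args[0]
    findings += [f"missing option: {k}" for k in REQUIRED if k not in opts]
    root, suffix = norm_dn(opts.get("rootdn", "")), norm_dn(opts.get("suffix", ""))
    if root and suffix and root != suffix and not root.endswith("," + suffix):
        findings.append("rootdn is not under suffix")  # this example's own hygiene check
    # rootpw always authenticates, so read access to the file is root access to the database.
    if "rootpw" in opts and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        findings.append("rootpw present and file is accessible by group/other")
    return findings

# Constructed sample built from the values used on this page.
SAMPLE = '''suffix    "o=Antbear, Lucid & Popp, c=US"
directory /usr/local/antbear-slapd
rootdn    "cn=Director, o=Antbear, Lucid & Popp, c=US"
rootpw    secret
index     cn,sn,uid
index     objectclass    pres,eq
index     default none
'''

def audit_text(text, mode=0o600):
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as fh:
        fh.write(text)
    try:
        os.chmod(fh.name, mode)  # simulate the permissions of the real file
        return audit(fh.name)
    finally:
        os.unlink(fh.name)
```

Calling audit() on the real configuration file before starting slapd gives the same list of findings; audit_text() exists only so the sample can be checked with different file modes.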


© 1999 The Santa Cruz Operation, Inc. All rights reserved.
UnixWare 7 Release 7.1.1 - 5 November 1999