LDIF interchange format

LDIF is the standard interchange format for LDAP databases - the equivalent of a tab-separated text file for spreadsheet users.

Dump and restore entire database

# cd /var/db/openldap-ldbm
# ldbmcat -n id2entry.dbb >/tmp/export.ldif

...

# ldif2ldbm -i /tmp/export.ldif

See man 5 ldif for more information about the LDIF file format.

Incremental changes to a database

An extended version of the LDIF syntax is used to add, delete or modify existing records. It is also the data format "slurpd" uses when replicating records between LDAP servers.

Piping into ldapadd/ldapmodify

dn: cn=fred,dc=wibble,dc=org
changetype: add
objectclass: person
cn: fred
sn: flintstone
mail: fred@bedrock.org
userPassword: b@rnEY
description: dino driver

dn: cn=fred,dc=wibble,dc=org
changetype: modify
replace: mail
mail: manager@bedrock.org
-
add: jpegPhoto
jpegPhoto: /tmp/modme.jpeg
-
delete: description
-

The only difference between 'ldapadd' and 'ldapmodify' is the default value for 'changetype:' if you omit it.

See man 5 slapd.replog for more information about this form of LDIF.
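
An added example (not from the original page): a small Python parser for the change-record form shown above. It applies the tool-dependent default changetype ("add" for ldapadd, "modify" for ldapmodify) and lists the DNs whose userPassword is set without a {SCHEME} prefix, as b@rnEY is in the record above. The function names, the constructed sample with its {SSHA} value, and the strict error on a modify record that has no add/replace/delete line are assumptions of this example, not documented tool behaviour.

```python
import base64

# Constructed sample modelled on the page's records; record 1 omits "changetype:".
SAMPLE = """\
dn: cn=fred,dc=wibble,dc=org
userPassword: b@rnEY

dn: cn=fred,dc=wibble,dc=org
changetype: modify
replace: userPassword
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=
-
delete: description
-
"""

def pairs(block):
    """Yield (attr, value) per unfolded line, decoding 'attr:: <base64>' values."""
    for line in block.replace("\n ", "").splitlines():
        attr, _, value = line.partition(":")
        if value.startswith(":"):
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        yield attr.strip(), value.strip()

def parse_changes(text, tool="ldapmodify"):
    """Yield (dn, changetype, [(op, attr, values)]) for each blank-line-separated record."""
    for block in text.strip().split("\n\n"):
        (_, dn), *items = pairs(block)
        ctype = "add" if tool == "ldapadd" else "modify"  # default when omitted
        if items and items[0][0].lower() == "changetype":
            ctype = items.pop(0)[1].lower()
        mods, new_group = [], True
        for attr, value in items:
            if attr == "-":                    # "-" closes one modification group
                new_group = True
            elif ctype != "modify":            # add record: plain attribute lines
                mods.append((ctype, attr, [value]))
            elif not new_group:                # value line inside a group
                mods[-1][2].append(value)
            elif attr.lower() in ("add", "replace", "delete"):
                mods.append((attr.lower(), value, []))
                new_group = False
            else:                              # strictness is this example's choice
                raise ValueError(f"{dn}: expected add/replace/delete, got {attr!r}")
        yield dn, ctype, mods

def cleartext_passwords(changes):
    """DNs given a userPassword value that lacks a {SCHEME} prefix (heuristic)."""
    return [dn for dn, _, mods in changes for _, attr, vals in mods
            if attr.lower() == "userpassword" and not all(v[:1] == "{" for v in vals)]
```

With tool="ldapadd" the same functions can be run over a plain dump such as the /tmp/export.ldif produced above, since its records carry no changetype line.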