
Where is my data (directories) stored by slapd (OpenLDAP) on Ubuntu?


After installing slapd on an Ubuntu 12.04 machine and running ldapadd and ldapsearch, I can see it got my data.

The question is where is the directory? It's empty here:

/var/lib/ldap/
/usr/lib/ldap/

The slapd configuration directory /etc/ldap/ contains only root settings.

Where is my data? Or how to check/list my backend?

I do the following initializations:

sudo ldapadd -Y EXTERNAL -H ldapi:/// -f db.ldif

The db.ldif is:

# Load modules for database type
dn: cn=module,cn=config
objectclass: olcModuleList
cn: module
olcModuleLoad: back_bdb.la

# Create directory database
dn: olcDatabase=bdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDatabase: bdb
# Domain name (e.g. home.local)
olcSuffix: dc=home,dc=local
# Location on system where database is stored
olcDbDirectory: /var/lib/ldap
# Manager of the database
olcRootDN: cn=admin,dc=home,dc=local
olcRootPW: admin
# Indices in database to speed up searches
olcDbIndex: uid pres,eq
olcDbIndex: cn,sn,mail pres,eq,approx,sub
olcDbIndex: objectClass eq
# Allow users to change their own password
# Allow anonymous to authenticate against the password
# Allow admin to change anyone's password
olcAccess: to attrs=userPassword
  by self write
  by anonymous auth
  by dn.base="cn=admin,dc=home,dc=local" write
  by * none
# Allow users to change their own record
# Allow anyone to read directory
olcAccess: to *
  by self write
  by dn.base="cn=admin,dc=home,dc=local" write
  by * read

Solution

  • You're using the new 'online conf option' (olc). Also as a backend you're loading the Berkeley database (bdb).

    Can you please paste the output of the following command (which will list your current configuration, requires root/sudo):

    ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
    

    Where is my data?

    Your data should be at the specified location /var/lib/ldap.

    how to check/list my backend?

    You can try the following, which should list all users under your local domain:

    ldapsearch -x -LLL -H ldap:/// -b dc=home,dc=local dn
    

    You should have at least 1 entry from this query - the db manager:

    olcRootDN: cn=admin,dc=home,dc=local
    olcRootPW: admin
    

    In general:

    Make sure your ldap server is up and running:

    ps ax | grep ldap
    

    Your output should be something similar to:

    /usr/sbin/slapd -h ldap:/// ldapi:/// -g openldap -u openldap -F /etc/ldap/slapd.d
    

    You can use a graphical tool to visualise your LDAP. I would recommend just two - JXplorer (lightweight) or Apache's LDAP Directory Studio (heavier)
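
To read the answer out of the live configuration rather than guess at paths, the following added example (not part of the original question or answer) parses cn=config LDIF and lists each database's suffix and olcDbDirectory, and also reports whether olcRootPW is stored in cleartext, as in the db.ldif above. It assumes the input is the output of the cn=config search shown earlier with the trailing `dn` dropped so that full entries are returned; the function names and the sample data are constructed for illustration.

```python
import base64

# Constructed sample of full-entry cn=config search output; the second database is hypothetical.
SAMPLE_LDIF = """\
dn: cn=config

dn: olcDatabase={1}bdb,cn=config
olcSuffix: dc=home,dc=local
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=home,
 dc=local
olcRootPW: admin

dn: olcDatabase={2}bdb,cn=config
olcSuffix: dc=example,dc=test
olcDbDirectory: /var/lib/ldap-example
olcRootPW:: e1NTSEF9Y29uc3RydWN0ZWQ=
"""

def parse_ldif(text):
    """Return entries as dicts of lower-cased attribute name -> list of values."""
    lines, entries, entry = [], [], {}
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]              # unfold a continuation line
        else:
            lines.append(raw)
    # Comments are dropped after unfolding; the trailing "" flushes the last entry.
    for line in [l for l in lines if not l.startswith("#")] + [""]:
        if line.strip():
            name, _, value = line.partition(":")
            if value.startswith(":"):         # "attr:: ..." carries a base64 value
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(name.lower(), []).append(value.strip())
        elif entry:
            entries.append(entry)
            entry = {}
    return entries

def database_report(text):
    """Return (suffix, directory, rootpw state) for each database with a data directory."""
    report = []
    for e in parse_ldif(text):
        pw = e.get("olcrootpw", [""])[0]
        scheme = pw[1:pw.index("}")].upper() if pw.startswith("{") and "}" in pw else ""
        state = "unset" if not pw else "cleartext" if scheme in ("", "CLEARTEXT") else "hashed"
        if "olcdbdirectory" in e:
            report.append((e.get("olcsuffix", [""])[0], e["olcdbdirectory"][0], state))
    return report

print(database_report(SAMPLE_LDIF))
```

A "cleartext" result means the root password can be read by anyone with read access to the configuration; a value generated with slappasswd would show up as "hashed".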