:: RootR ::  Hosting Order Map Login   Secure Inter-Network Operations  
 
slapschema(8) - phpMan

Command: man perldoc info search(apropos)  

SLAPSCHEMA(8)                        System Manager's Manual                        SLAPSCHEMA(8)



NAME
       slapschema - SLAPD in-database schema checking utility

SYNOPSIS
       /usr/sbin/slapschema [-afilter] [-bsuffix] [-c] [-ddebug-level] [-fslapd.conf] [-Fconfdir]
       [-g] [-HURI] [-lerror-file] [-ndbnum] [-ooption[=value]] [-ssubtree-dn] [-v]

DESCRIPTION
       Slapschema is used to check schema compliance of the contents of a slapd(8) database.   It
       opens  the  given database determined by the database number or suffix and checks the com‐
       pliance of its contents with the corresponding schema. Errors are written to standard out‐
       put  or the specified file.  Databases configured as subordinate of this one are also out‐
       put, unless -g is specified.

       Administrators may need to modify existing schema items,  including  adding  new  required
       attributes to objectClasses, removing existing required or allowed attributes from object‐
       Classes, entirely removing objectClasses, or any other change that may  result  in  making
       perfectly  valid  entries  no longer compliant with the modified schema.  The execution of
       the slapschema tool after modifying the schema can point out  inconsistencies  that  would
       otherwise surface only when inconsistent entries need to be modified.


       The  entry  records  are  checked  in database order, not superior first order.  The entry
       records will be checked considering all (user and operational) attributes  stored  in  the
       database.   Dynamically  generated attributes (such as subschemaSubentry) will not be con‐
       sidered.

OPTIONS
       -a filter
              Only check entries matching the asserted filter.  For example

              slapschema -a \
                  "(!(entryDN:dnSubtreeMatch:=ou=People,dc=example,dc=com))"

              will check all but  the  "ou=People,dc=example,dc=com"  subtree  of  the  "dc=exam‐
              ple,dc=com" database.  Deprecated; use -H ldap:///???(filter) instead.

       -b suffix
              Use  the  specified  suffix to determine which database to check.  The -b cannot be
              used in conjunction with the -n option.

       -c     Enable continue (ignore errors) mode.

       -d debug-level
              Enable debugging messages as defined by the specified debug-level; see slapd(8) for
              details.

       -f slapd.conf
              Specify an alternative slapd.conf(5) file.

       -F confdir
              specify  a config directory.  If both -f and -F are specified, the config file will
              be read and converted to config directory  format  and  written  to  the  specified
              directory.   If  neither option is specified, an attempt to read the default config
              directory will be made before trying to use the default config  file.  If  a  valid
              config directory exists then the default config file is ignored.

       -g     disable subordinate gluing.  Only the specified database will be processed, and not
              its glued subordinates (if any).

       -H  URI
              use dn, scope and filter from URI to only handle matching entries.

       -l error-file
              Write errors to specified file instead of standard output.

       -n dbnum
              Check the dbnum-th database listed in the configuration file. The  config  database
              slapd-config(5), is always the first database, so use -n 0

              The -n cannot be used in conjunction with the -b option.

       -o option[=value]
              Specify an option with a(n optional) value.  Possible generic options/values are:

                     syslog=<subsystems>  (see `-s' in slapd(8))
                     syslog-level=<level> (see `-S' in slapd(8))
                     syslog-user=<user>   (see `-l' in slapd(8))


       -s subtree-dn
              Only  check  entries in the subtree specified by this DN.  Implies -b subtree-dn if
              no -b nor -n option is given.  Deprecated; use -H ldap:///subtree-dn instead.

       -v     Enable verbose mode.

LIMITATIONS
       For some backend types, your slapd(8) should not be running (at least, not  in  read-write
       mode)  when  you  do  this to ensure consistency of the database. It is always safe to run
       slapschema with the slapd-bdb(5), slapd-hdb(5), and slapd-null(5) backends.

EXAMPLES
       To check the schema compliance of your SLAPD database after modifications to  the  schema,
       and put any error in a file called errors.ldif, give the command:

            /usr/sbin/slapschema -l errors.ldif

SEE ALSO
       ldap(3), ldif(5), slapd(8)

       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS
       OpenLDAP  Software  is developed and maintained by The OpenLDAP Project <http://www.openl‐
       dap.org/>.  OpenLDAP Software is derived from University of Michigan LDAP 3.3 Release.



OpenLDAP                                    2014/09/20                              SLAPSCHEMA(8)

/man
rootr.net - man pages