Convert LDAP schemata to cn=config of Openldap 2.4.x

This is how i converted old config style ldap schemata to openldap’s 2.4.x cn=config style.

Create an output directory:

create a file to include all the schemas needed (and dependencies)

run the conversation:

you might see error messages like this one:

in this case, make sure to include all schemata that your new one depends on. this is because your new schema uses an attribute type you did not define upfront. you could either define it yourself in your .schema file. but i recommmend to rather have a look at /etc/ldap/schema/*.schema and find which schema defines that attribute.

if the slaptest command finished successfully you should find a directory structure like this in /tmp/ldif_output:

now feel free to edit the newly create ldif file you are after.

once done you can just use ldapadd to add the new schema:
for example like this

Thats it.


  1. i can’t generate the ldif file of my schema after slaptest(openldap default schema files are no problem),my console show these message:
    51a2c7f4 using config directory D:/Develop_Soft/OpenLDAP/tmp/schema_convert.cfg -F D:/Develop_Soft/OpenLDAP/tmp/ldif_output, error 9
    config file testing succeeded

  2. not working:

    adding new entry “cn={12}pmi”
    ldap_add: Server is unwilling to perform (53)
    additional info: no global superior knowledge

Leave a Reply

Your email address will not be published / Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.