Bitbull Tech Notes - home of free minds ...

Backup LDAP with slapcat on CentOS 7

 #!/bin/bash

export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
set -e

KEEP=7
BASE_DN='dc=domain,dc=ch'
LDAPBK="ldap-$( date +%y%m%d-%H%M ).ldif"
BACKUPDIR='/srv/ldap-backup'

test -d "$BACKUPDIR" || mkdir -p "$BACKUPDIR"

slapcat -b "$BASE_DN" -l "$BACKUPDIR/$LDAPBK"
gzip -9 "$BACKUPDIR/$LDAPBK"

ls -1tr $BACKUPDIR/*.ldif.gz | head -n-$KEEP | xargs rm -

Enable debug logging on CentOS 7 LDAP Server

Enable debug logging on CentOS 7 LDAP Server

 

vi /root/ldap/logging.ldif
------
cat logging.ldif
dn: cn=config
replace: olcLogLevel
olcLogLevel: -1
------

# apply
ldapmodify -Y EXTERNAL -H ldapi:/// -f /root/ldap/logging.ldif

# verify
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config -s base|grep -i LOG

systemctl restart slapd

vi /etc/rsyslog.conf
------
local4.* -/var/log/slapd.log
------

systemctl restart rsyslog

vi /etc/logrotate.d/syslog
-----
# add this line
/var/log/slapd.log
------

see: https://www.lisenet.com/2014/install-and-configure-an-openldap-server-with-ssl-on-debian-wheezy/

Home