Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 1. Importing data to Directory Server

Import data from an LDIF file to a Directory Server database using the command line or the web console.

Important

To import data, you must store the LDIF file that you want to import in the /var/lib/dirsrv/slapd-instance_name/ldif/ directory.

To import data while the Directory Server instance is running, use the dsconf backend import command.

Warning

When you start an import operation, Directory Server first removes all existing data from the database and, subsequently, imports the data from the LDIF file. Therefore, if the import fails, the server returns no entries or a partial set of entries.

Prerequisites

  • The LDIF file permissions allow the dirsrv user to read the file.
  • The LDIF file to import contains the root suffix entry.
  • The suffix and its database, to which you want to import data, exists in the directory.
  • The Directory Server instance is running.
  • The LDIF file to import uses UTF-8 character set encoding.

Procedure

  1. Optional: By default, Directory Server sets the entry update sequence numbers (USNs) of all imported entries to 0. To set an alternative initial USN value, set the nsslapd-entryusn-import-initval parameter. For example, to set USN for all imported values to 12345, enter: 

    # dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-entryusn-import-initval=12345
    Copy to Clipboard Toggle word wrap

  2. If you copied the file you want to import to /var/lib/dirsrv/slapd-instance_name/ldif/, reset the SELinux context on that file: 

    # restorecon -Rv /var/lib/dirsrv/slapd-instance_name/ldif/example.ldif
    Copy to Clipboard Toggle word wrap

  3. Use the dsconf backend import command to import data from an LDIF file.

    For example, to import the /var/lib/dirsrv/slapd-instance_name/ldif/example.ldif file into the userRoot database: 

    # dsconf -D "cn=Directory Manager" ldap://server.example.com backend import userRoot /var/lib/dirsrv/slapd-instance_name/ldif/example.ldif
The import task has finished successfully
    Copy to Clipboard Toggle word wrap
  4. Search the /var/log/dirsrv/slapd-instance_name/errors log for problems during the import.

Verification

  • Search for entries under the imported suffix, for example dc=example,dc=com: 

    # ldapsearch -D "cn=Directory Manager" -W -H ldap://server.example.com -b "dc=example,dc=com" -s sub -x
    Copy to Clipboard Toggle word wrap

If the Directory Server instance is offline, use the dsctl ldif2db command to import data.

Warning

When you start an import operation, Directory Server first removes all existing data from the database and, subsequently, imports the data from the LDIF file. Therefore, if the import fails, the server returns no entries or a partial set of entries.

Prerequisites

  • The LDIF file permissions allow the dirsrv user to read the file.
  • The LDIF file to import contains the root suffix entry.
  • The suffix and its database, to which you want to import data, exists in the directory.
  • The Directory Server instance is not running.
  • The LDIF file to import uses UTF-8 character set encoding.

Procedure

  1. Optional: By default, Directory Server sets the entry update sequence numbers (USNs) of all imported entries to 0. To set an alternative initial USN value, set the nsslapd-entryusn-import-initval parameter. For example, to set USN for all imported values to 12345, enter: 

    # dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-entryusn-import-initval=12345
    Copy to Clipboard Toggle word wrap

  2. If you copied the file you want to import to /var/lib/dirsrv/slapd-instance_name/ldif/, reset the SELinux context on that file: 

    # restorecon -Rv /var/lib/dirsrv/slapd-instance_name/ldif/example.ldif
    Copy to Clipboard Toggle word wrap

  3. Use the dsctl ldif2db command to import data from an LDIF file. For example, to import the /var/lib/dirsrv/slapd-instance_name/ldif/example.ldif file into the userRoot database: 

    # dsctl instance_name ldif2db userRoot /var/lib/dirsrv/slapd-instance_name/ldif/example.ldif
OK group dirsrv exists
OK user dirsrv exists
[17/Jul/2021:13:42:42.015554231 +0200] - INFO - ldbm_instance_config_cachememsize_set - force a minimal value 512000
...
[17/Jul/2021:13:42:44.302630629 +0200] - INFO - import_main_offline - import userRoot: Import complete.  Processed 160 entries in 2 seconds. (80.00 entries/sec)
ldif2db successful
    Copy to Clipboard Toggle word wrap
  4. Search the /var/log/dirsrv/slapd-instance_name/errors log for problems during the import.

  5. Optional: Start the instance: 

    # dsctl instance_name start
    Copy to Clipboard Toggle word wrap

Verification

  • Search for entries under the imported suffix, for example dc=example,dc=com: 

    # ldapsearch -D "cn=Directory Manager" -W -H ldap://server.example.com -b "dc=example,dc=com" -s sub -x
    Copy to Clipboard Toggle word wrap

Directory Server supports importing data using the web console.

Warning

When you start an import operation, Directory Server first removes all existing data from the database and, subsequently, imports the data from the LDIF file. Therefore, if the import fails, the server returns no entries or a partial set of entries.

Prerequisites

  • The LDIF file permissions allow the dirsrv user to read the file.
  • The LDIF file to import contains the root suffix entry.
  • The suffix and its database, to which you want to import data, exists in the directory.
  • The LDIF file is stored in the /var/lib/dirsrv/slapd-instance_name/ldif/ directory and has the dirsrv_var_lib_t SELinux context set.
  • The Directory Server instance is running.
  • You are logged in to the instance in the web console.
  • The LDIF file to import uses UTF-8 character set encoding.

Procedure

  1. In the web console, open the Database menu.
  2. Select the suffix entry.
  3. Click Suffix Tasks, and select Initialize Suffix.
  4. Click the Import button next to the LDIF file you want to import. If the LDIF file is stored in a directory different than /var/lib/dirsrv/slapd-instance_name/ldif/, enter the full path to the file and click the Import button.
  5. Select Yes, I am sure, and click Initialize Database to confirm.
  6. To check the log for problems during the import, open the Monitoring Logging Errors Log menu.

Verification

  1. Search for entries under the imported suffix, for example dc=example,dc=com: 

    # ldapsearch -D "cn=Directory Manager" -W -H ldap://server.example.com -b "dc=example,dc=com" -s sub -x
    Copy to Clipboard Toggle word wrap
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat