Archived from groups: microsoft.public.win2000.active_directory (More info?)
Hello,
I have been having difficulties in copying the schema from one machine to a
completely separate machine (ie not in the same domain or network). I did an
ldifde of the cn=schema, cn=configuration branch, but the resulting file was
not ordered in a useful way to be imported. When I imported it into the
target directory, it stopped as soon as it encountered an object class that
included an attribute that was defined further down the file.
My next attempt was to create two separate ldifs using filters on the export
ldif command, so that one file contained the attributes and the other
contained the object classes. Then importing the attributes worked fine, but
the object classes failed as soon as there were dependencies (ie auxiliary
and possible superior object classes defined further down the file).
Unfortunately -k did not ignore these errors, so I couldn't just try
multiple imports of the file.
In the end I just had to order the object class file pretty much by hand,
but this was a real pig of a job. I should say that in this case the schema
was heavily customised, with lots of user-defined attributes and object
classes in addition to the standard ones.
The whole point of this exercise was to ensure that my copy had exactly the
same schema as the original - so I didn't want to build the target schema
from the same files that *should* have been used to build the original.
This finally brings me to my questions which I hope someone can answer:
- is there a way to get the export to be in a friendly order for schema
importing (or two exports, if separate ones are required for attributes and
object classes) ?
- is there a way to disable schema checking on AD, as there is in other ldap
servers?
- is there a smarter method to get the schema copied between two systems
where replication is not an option?
Both environments were Windows 2000, but I would also be interested to know
the answer for Windows 2003.
Regards,
Graham
Hello,
I have been having difficulties in copying the schema from one machine to a
completely separate machine (ie not in the same domain or network). I did an
ldifde of the cn=schema, cn=configuration branch, but the resulting file was
not ordered in a useful way to be imported. When I imported it into the
target directory, it stopped as soon as it encountered an object class that
included an attribute that was defined further down the file.
My next attempt was to create two separate ldifs using filters on the export
ldif command, so that one file contained the attributes and the other
contained the object classes. Then importing the attributes worked fine, but
the object classes failed as soon as there were dependencies (ie auxiliary
and possible superior object classes defined further down the file).
Unfortunately -k did not ignore these errors, so I couldn't just try
multiple imports of the file.
In the end I just had to order the object class file pretty much by hand,
but this was a real pig of a job. I should say that in this case the schema
was heavily customised, with lots of user-defined attributes and object
classes in addition to the standard ones.
The whole point of this exercise was to ensure that my copy had exactly the
same schema as the original - so I didn't want to build the target schema
from the same files that *should* have been used to build the original.
This finally brings me to my questions which I hope someone can answer:
- is there a way to get the export to be in a friendly order for schema
importing (or two exports, if separate ones are required for attributes and
object classes) ?
- is there a way to disable schema checking on AD, as there is in other ldap
servers?
- is there a smarter method to get the schema copied between two systems
where replication is not an option?
Both environments were Windows 2000, but I would also be interested to know
the answer for Windows 2003.
Regards,
Graham
Facebook
Twitter
Instagram