Change location where LDAP data is stored

I usually move the default OpenLDAP database away from /var/lib/ldap after each new setup.

The steps I follow when I want to move a database:

  • Stop slapd
sudo service slapd stop
  • slapcat the content of the cn=config branch into an LDIF file (the export contains the olcRootPW hash and any TLS key paths, so restrict its permissions and do not leave it lying around in /tmp afterwards)
sudo slapcat -b cn=config > /tmp/config.ldif
  • Copy the /var/lib/ldap directory wherever you want it (cp -a or rsync -a keeps ownership and permissions)
  • Make sure the user openldap owns the new directory and all the files inside
  • Edit the previously exported LDIF and change olcDbDirectory in the database entry (olcDatabase={1}mdb or {1}hdb on a default install) to the new location
  • Import the LDIF (make sure /etc/ldap/slapd.d is empty before doing this; from this point on the exported LDIF is your only copy of the configuration, so check that the olcDbDirectory edit really took before removing anything)
sudo rm -r /etc/ldap/slapd.d/*
sudo slapadd -F /etc/ldap/slapd.d -b cn=config -l /tmp/config.ldif
  • Make sure /etc/ldap/slapd.d and all its content are owned by openldap
sudo chown -R openldap:openldap /etc/ldap/slapd.d/
  • If a mandatory access control system confines slapd, allow it to access the new directory; otherwise slapd refuses to start even though the configuration is correct

For example, with AppArmor, edit the file /etc/apparmor.d/usr.sbin.slapd and add the following two lines inside the profile's braces (replace /path/to/new/db with the new directory):

/path/to/new/db/ r,
/path/to/new/db/** rwk,
  • Restart AppArmor so the new rules are loaded, then start slapd
sudo service apparmor restart
sudo service slapd start
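The whole procedure above as one script, added here as an example; it is not code from the original post. It assumes the Debian/Ubuntu layout the post uses (/etc/ldap/slapd.d, the openldap user, the old directory defaulting to /var/lib/ldap) and an AppArmor setup where the slapd profile includes /etc/apparmor.d/local/usr.sbin.slapd, so the two rules are appended to that local file rather than pasted inside the braces of the main profile. The path rewrite is a whole-line awk match, and the script checks that the rewrite hit exactly one database entry before slapd.d is emptied, which is the step in the post where a silent typo would otherwise cost you the configuration.

```shell
#!/bin/sh
# Added example, not code from the original post: the move procedure as a script.
# Assumptions: Debian/Ubuntu layout (slapd.d under /etc/ldap, user openldap), an
# AppArmor profile that includes local/usr.sbin.slapd, and an olcDbDirectory
# value stored as a single plain "attr: value" LDIF line (true for ASCII paths).
set -eu

OLD_DIR="${OLD_DIR:-/var/lib/ldap}"
SLAPD_D=/etc/ldap/slapd.d
AA_LOCAL=/etc/apparmor.d/local/usr.sbin.slapd

# Rewrite "olcDbDirectory: OLD" to "olcDbDirectory: NEW" in the LDIF on stdin.
# Whole-line match, so /var/lib/ldap2 is not touched when OLD is /var/lib/ldap.
rewrite_db_directory() {
    awk -v old="$1" -v new="$2" '
        $0 == ("olcDbDirectory: " old) { print "olcDbDirectory: " new; next }
        { print }'
}

# Number of olcDbDirectory lines in file $1 that point exactly at directory $2.
count_db_directory() {
    grep -Fxc "olcDbDirectory: $2" "$1" || true
}

# The two AppArmor rules from the post, for directory $1.
apparmor_rules() {
    printf '%s/ r,\n%s/** rwk,\n' "$1" "$1"
}

move_ldap_db() {
    new="$1"
    umask 077                      # the export contains olcRootPW hashes
    ldif="$(mktemp)"

    sudo service slapd stop
    sudo slapcat -b cn=config > "$ldif"
    [ "$(count_db_directory "$ldif" "$OLD_DIR")" -eq 1 ] \
        || { echo "expected exactly one database in $OLD_DIR" >&2; exit 1; }

    # cp -a keeps ownership and modes; chown also covers the new top directory.
    sudo mkdir -p "$new"
    sudo cp -a "$OLD_DIR/." "$new/"
    sudo chown -R openldap:openldap "$new"

    rewrite_db_directory "$OLD_DIR" "$new" < "$ldif" > "$ldif.new"
    mv "$ldif.new" "$ldif"
    [ "$(count_db_directory "$ldif" "$new")" -eq 1 ] \
        || { echo "olcDbDirectory rewrite failed, slapd.d left untouched" >&2; exit 1; }

    # Only now is it safe to empty slapd.d: the edited export is its replacement.
    sudo find "$SLAPD_D" -mindepth 1 -delete
    sudo slapadd -F "$SLAPD_D" -b cn=config -l "$ldif"
    sudo chown -R openldap:openldap "$SLAPD_D"
    sudo slaptest -F "$SLAPD_D"

    if [ -e "$AA_LOCAL" ] && ! sudo grep -qF "$new/** rwk," "$AA_LOCAL"; then
        apparmor_rules "$new" | sudo tee -a "$AA_LOCAL" > /dev/null
        sudo service apparmor restart
    fi

    sudo service slapd start
    echo "config export kept at $ldif (holds olcRootPW hashes, protect or shred it)"
}

# Usage: sh move-ldap-db.sh /srv/ldap  (without an argument only the functions are defined)
case "${1-}" in
    /*) move_ldap_db "$1" ;;
esac
```

The export is created with umask 077 so the olcRootPW hash in it is never world-readable, and slapd.d is emptied with find rather than a shell glob because /etc/ldap/slapd.d is not readable by the unprivileged user running sudo, so `sudo rm -r /etc/ldap/slapd.d/*` can fail to expand.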

Usually that does the trick. The slapcat export of cn=config is also how I back up the configuration of my OpenLDAP instances, keeping in mind that it holds the olcRootPW hash and therefore deserves the same protection as the directory data itself.