How To

How do I append data to an existing user store in DS/OpenDJ (All versions)?

Last updated Dec 4, 2018

The purpose of this article is to provide assistance in adding bulk user data to an existing user data store in DS/OpenDJ.


The Administration guide discusses using import-ldif to add a bulk load of data to a user store. However, you should be aware that import-ldif removes all existing data before importing the new data, which is problematic if you have existing data that needs to remain in place after the import.

If you want to add bulk data, there are two approaches you can take depending on your environment and the amount of data you want to add:

  • For small amounts of data, you can use ldapmodify, which allows you to use an ldif file to append entries to an existing user store. However, ldapmodify runs each entry in the ldif as an individual modification, which can have a bigger impact on performance compared to using import-ldif with very large files. See the Using ldapmodify to append data section for details.
  • For large amounts of data, you should use import-ldif. To ensure you don't lose any data, you can export the existing entries, merge them with your new entries and then import the resulting merged ldif. See the Using import-ldif to append data section for details.

There are no definitive limits to the amount of data and likely impact on performance; this will depend on your environment, so you should performance test and choose the most appropriate option.

Using ldapmodify to append data

You can use ldapmodify to append data as follows:

  1. Create an ldif file containing the data you want to append (called entries.ldif in this example).
  2. Apply the changes using the following ldapmodify command depending on your version:
    • DS 5 and later:
      $ ./ldapmodify --hostname --port 1389 --bindDN "cn=Directory Manager" --bindPassword password /path/to/entries.ldif
    • Pre-DS 5:
      $ ./ldapmodify --hostname --port 1389 --bindDN "cn=Directory Manager" --bindPassword password --filename /path/to/entries.ldif

See Developer's Guide › Modifying Entry Attributes for further information.


The ldapmodify operation will fail if any of your ldif entries match existing entries; you can use the --continueOnError option to continue even if an error is encountered.

Using import-ldif to append data

You can use import-ldif to append data as follows:

  1. Create an ldif file containing the data you want to append (called newentries.ldif in this example).
  2. Export the existing entries using export-ldif, for example (while the server is online): 
    $ ./export-ldif --hostname --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backendID userRoot --includeBranch dc=example,dc=com --ldifFile existing.ldif --start 0 --trustAll
  3. Merge the entries in the ldif files created in steps 1 and 2 using the appropriate ldifmodify command depending on your version, for example:
    • DS 5 and later:
      $ ./ldifmodify --outputLDIF merged.ldif existing.ldif newentries.ldif
    • Pre-DS 5:
      $ ./ldifmodify --sourceLDIF existing.ldif --changesLDIF newentries.ldif --targetLDIF merged.ldif
  4. Import the resulting ldif file using import-ldif, for example: 
    $. /import-ldif --hostname --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backendID userRoot --includeBranch dc=example,dc=com --ldifFile merged.ldif --trustAll

You can add the --continueOnError option when you run the ldifmodify command if you have duplicate entries in your new ldif file. Attributes in duplicate entries will not be updated as these entries are ignored when merging the files. 

See Also

Installing and Administering DS/OpenDJ

Administration Guide › Importing and Exporting Data

Administration Guide › Other Tools For Working With LDIF Data

OpenDJ 3 › Release Notes › Important Changes to Existing Functionality › import-ldif 

Related Training


Related Issue Tracker IDs


Copyright and TrademarksCopyright © 2018 ForgeRock, all rights reserved.