Hi Rich, I did some testing and it appears to be working as you expected. The steps involve 1) Export the directory database to a LDIF 2) Reload the directory database 3) Reinitialize the consumer I have another question. I noticed there's an ACI on the directory database LDIF. aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "l dap:///cn=slapd-foo, cn=Red Hat Directory Server, cn=Server Group, cn= foo.com, ou=tscei.dd-x.com, o=NetscapeRoot";) Do I need to modify the hostname in that ACI if I want to load the same directory database into another LDAP? Essentially I want to use a basic directory database LDIF and load it to a bunch of different development LDAP we have. Some LDAPs are multi-mastered configured and most are not. Thanks in advance - David On Tue, Jun 22, 2010 at 2:43 PM, Rich Megginson <rmeggins at redhat.com> wrote: > Chun Tat David Chu wrote: > > Another question about directory re-population. > > > > If I want to create a generic LDIF backup for a bunch of test > > directory servers, in the exported LDIF file, should I remove the > > following attributes? or it doesn't really matter? > > nsUniqueId: 795dca00-5fa011df-8de2866b-a65dc74a > > creatorsName: > > modifiersName: cn=directory manager > > createTimestamp: 20100514213428Z > > modifyTimestamp: 20100514213430Z > I don't think it matters. I suppose you might want to keep > createTimestamp and modifyTimestamp just for your own information. > > > > My LDIF backup will be imported back to the LDAP using ldif2db.pl > > <http://ldif2db.pl>. > > > > - David > > > > On Fri, Jun 18, 2010 at 4:40 PM, Chun Tat David Chu > > <beyonddc.storage at gmail.com <mailto:beyonddc.storage at gmail.com>> wrote: > > > > Thanks Rich, I'll give that a try. > > > > > > On Fri, Jun 18, 2010 at 4:20 PM, Rich Megginson > > <rmeggins at redhat.com <mailto:rmeggins at redhat.com>> wrote: > > > > Chun Tat David Chu wrote: > > > Hi Rich, > > > > > > Thanks for replying. > > > > > > Just making sure I'm using the right utility. To > > reinitialize the > > > directory, I use the ldif2db.pl <http://ldif2db.pl> > > <http://ldif2db.pl> Perl script right? > > Yes, if you need to restore _all_ servers from an LDIF backup. > > The > > reason I say _all_ is that when you do a restore from a "raw" > > LDIF file, > > this wipes out all of the replication state information and > > changelog > > information. This means you will have to use this server to > > re-init > > other masters and consumers - (I mean re-init in the sense of > > Initializing Consumers - > > > http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Initializing_Consumers.html > ) > > > > You can use db2ldif.pl <http://db2ldif.pl> -r to create an > > LDIF file suitable for offline > > replica init > > > > > > - David > > > > > > On Fri, Jun 18, 2010 at 3:58 PM, Rich Megginson > > <rmeggins at redhat.com <mailto:rmeggins at redhat.com> > > > <mailto:rmeggins at redhat.com <mailto:rmeggins at redhat.com>>> > > wrote: > > > > > > Chun Tat David Chu wrote: > > > > Hi all, > > > > > > > > I am hitting an issue with reinitializing the > > directory database. > > > > > > > > Basically I have two directory servers and they're > > configured using > > > > multi-master replication scheme. > > > > > > > > When I reinitialize the directory database, the > > directory became > > > > inaccessible. I think it is related with my multi-master > > > replication > > > > setup because when I use only reinitialize one LDAP, > > it would work > > > > just fine > > > > > > > > My question is if multi-master replication is enabled > > on two LDAPs > > > > then do I need to reinitialize both LDAPs at the same > > time or > > > just one > > > > LDAP? > > > If you use one master (m1) to re-init the other master > > (m2), you > > > do not > > > need to then use m2 to re-init m2. > > > > > > > > Thanks! > > > > > > > > - David > > > > > > > > On Fri, May 14, 2010 at 4:42 PM, Chun Tat David Chu > > > > <beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com> > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>>>> wrote: > > > > > > > > Reinitializing the directory database does the > > trick! I'm going > > > > to do more testing on it. > > > > > > > > Thanks a lot! > > > > > > > > - David > > > > > > > > > > > > On Fri, May 14, 2010 at 1:43 PM, David Boreham > > > > <david_list at boreham.org > > <mailto:david_list at boreham.org> <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org>> > > > <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org> <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org>>>> > > > wrote: > > > > > > > > On 5/14/2010 11:40 AM, Chun Tat David Chu wrote: > > > > > > > > > > We use 389 Directory as part of our > > development lab. > > > Every > > > > time when > > > > > we do a new test, we need to repopulate our 389 > > > directory to > > > > a clean > > > > > slate (i.e. delete all existing data and > > re-create a base > > > > hierarchy > > > > > tree). > > > > > > > > > > Our current way of doing so is simply using > > the ldapdelete > > > > command to > > > > > remove all existing data and use ldapadd to > > re-create > > > the base > > > > > hierarchy tree. This approach is okay but > > sometime it > > > could > > > > take up > > > > > to 20 to 30 minutes to delete all existing data > > > depending on the > > > > > amount of data saved in the directory. > > > > > > > > > > Is there a more efficient way to repopulate > > the 389 > > > Directory? > > > > > > > > Yes. Import an almost empty LDIF file. You can > > also copy the > > > > on-disk > > > > database underneath a server (when it is shut > > down), if you > > > > know what > > > > you're doing. > > > > > > > > -- > > > > 389 users mailing list > > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>>> > > > > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > -- > > > > 389 users mailing list > > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > -- > > > 389 users mailing list > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > -- > > > 389 users mailing list > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > -- > > 389 users mailing list > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > ------------------------------------------------------------------------ > > > > -- > > 389 users mailing list > > 389-users at lists.fedoraproject.org > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100622/eb62389f/attachment.html
