Thanks Rich, I did more experiment, and I noticed one of my database didn't get reload after I ran ldif2db.pl script My DIT has a root database and then a sub database under the root database. When I did the export, I exported from the root database. When I ran the ldif2db.pl script, only the root database get reloaded but not the sub database. Do you have any ideas? Thanks in advance - David On Tue, Jun 22, 2010 at 5:30 PM, Rich Megginson <rmeggins at redhat.com> wrote: > Chun Tat David Chu wrote: > > Hi Rich, > > > > I did some testing and it appears to be working as you expected. > > The steps involve > > 1) Export the directory database to a LDIF > > 2) Reload the directory database > > 3) Reinitialize the consumer > > > > I have another question. I noticed there's an ACI on the directory > > database LDIF. > > aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) > > groupdn = "l > > dap:///cn=slapd-foo, cn=Red Hat Directory Server, cn=Server Group, cn= > > foo.com <http://foo.com>, ou=tscei.dd-x.com <http://tscei.dd-x.com>, > > o=NetscapeRoot";) > > > > Do I need to modify the hostname in that ACI if I want to load the > > same directory database into another LDAP? Essentially I want to use > > a basic directory database LDIF and load it to a bunch of different > > development LDAP we have. Some LDAPs are multi-mastered configured > > and most are not. > No, you do not need to change that hostname. > > > > Thanks in advance > > > > - David > > > > On Tue, Jun 22, 2010 at 2:43 PM, Rich Megginson <rmeggins at redhat.com > > <mailto:rmeggins at redhat.com>> wrote: > > > > Chun Tat David Chu wrote: > > > Another question about directory re-population. > > > > > > If I want to create a generic LDIF backup for a bunch of test > > > directory servers, in the exported LDIF file, should I remove the > > > following attributes? or it doesn't really matter? > > > nsUniqueId: 795dca00-5fa011df-8de2866b-a65dc74a > > > creatorsName: > > > modifiersName: cn=directory manager > > > createTimestamp: 20100514213428Z > > > modifyTimestamp: 20100514213430Z > > I don't think it matters. I suppose you might want to keep > > createTimestamp and modifyTimestamp just for your own information. > > > > > > My LDIF backup will be imported back to the LDAP using > > ldif2db.pl <http://ldif2db.pl> > > > <http://ldif2db.pl>. > > > > > > - David > > > > > > On Fri, Jun 18, 2010 at 4:40 PM, Chun Tat David Chu > > > <beyonddc.storage at gmail.com <mailto:beyonddc.storage at gmail.com> > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>>> wrote: > > > > > > Thanks Rich, I'll give that a try. > > > > > > > > > On Fri, Jun 18, 2010 at 4:20 PM, Rich Megginson > > > <rmeggins at redhat.com <mailto:rmeggins at redhat.com> > > <mailto:rmeggins at redhat.com <mailto:rmeggins at redhat.com>>> wrote: > > > > > > Chun Tat David Chu wrote: > > > > Hi Rich, > > > > > > > > Thanks for replying. > > > > > > > > Just making sure I'm using the right utility. To > > > reinitialize the > > > > directory, I use the ldif2db.pl <http://ldif2db.pl> > > <http://ldif2db.pl> > > > <http://ldif2db.pl> Perl script right? > > > Yes, if you need to restore _all_ servers from an LDIF > > backup. > > > The > > > reason I say _all_ is that when you do a restore from a > > "raw" > > > LDIF file, > > > this wipes out all of the replication state information and > > > changelog > > > information. This means you will have to use this server > to > > > re-init > > > other masters and consumers - (I mean re-init in the > > sense of > > > Initializing Consumers - > > > > > > http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Initializing_Consumers.html > ) > > > > > > You can use db2ldif.pl <http://db2ldif.pl> > > <http://db2ldif.pl> -r to create an > > > LDIF file suitable for offline > > > replica init > > > > > > > > - David > > > > > > > > On Fri, Jun 18, 2010 at 3:58 PM, Rich Megginson > > > <rmeggins at redhat.com <mailto:rmeggins at redhat.com> > > <mailto:rmeggins at redhat.com <mailto:rmeggins at redhat.com>> > > > > <mailto:rmeggins at redhat.com > > <mailto:rmeggins at redhat.com> <mailto:rmeggins at redhat.com > > <mailto:rmeggins at redhat.com>>>> > > > wrote: > > > > > > > > Chun Tat David Chu wrote: > > > > > Hi all, > > > > > > > > > > I am hitting an issue with reinitializing the > > > directory database. > > > > > > > > > > Basically I have two directory servers and they're > > > configured using > > > > > multi-master replication scheme. > > > > > > > > > > When I reinitialize the directory database, the > > > directory became > > > > > inaccessible. I think it is related with my > > multi-master > > > > replication > > > > > setup because when I use only reinitialize one > LDAP, > > > it would work > > > > > just fine > > > > > > > > > > My question is if multi-master replication is > > enabled > > > on two LDAPs > > > > > then do I need to reinitialize both LDAPs at the > > same > > > time or > > > > just one > > > > > LDAP? > > > > If you use one master (m1) to re-init the other > master > > > (m2), you > > > > do not > > > > need to then use m2 to re-init m2. > > > > > > > > > > Thanks! > > > > > > > > > > - David > > > > > > > > > > On Fri, May 14, 2010 at 4:42 PM, Chun Tat David Chu > > > > > <beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>>> > > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>> > > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com> > > > <mailto:beyonddc.storage at gmail.com > > <mailto:beyonddc.storage at gmail.com>>>>> wrote: > > > > > > > > > > Reinitializing the directory database does the > > > trick! I'm going > > > > > to do more testing on it. > > > > > > > > > > Thanks a lot! > > > > > > > > > > - David > > > > > > > > > > > > > > > On Fri, May 14, 2010 at 1:43 PM, David Boreham > > > > > <david_list at boreham.org > > <mailto:david_list at boreham.org> > > > <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org>> <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org> > > > <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org>>> > > > > <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org> > > > <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org>> <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org> > > > <mailto:david_list at boreham.org > > <mailto:david_list at boreham.org>>>>> > > > > wrote: > > > > > > > > > > On 5/14/2010 11:40 AM, Chun Tat David > > Chu wrote: > > > > > > > > > > > > We use 389 Directory as part of our > > > development lab. > > > > Every > > > > > time when > > > > > > we do a new test, we need to > > repopulate our 389 > > > > directory to > > > > > a clean > > > > > > slate (i.e. delete all existing data and > > > re-create a base > > > > > hierarchy > > > > > > tree). > > > > > > > > > > > > Our current way of doing so is simply > > using > > > the ldapdelete > > > > > command to > > > > > > remove all existing data and use > > ldapadd to > > > re-create > > > > the base > > > > > > hierarchy tree. This approach is okay > but > > > sometime it > > > > could > > > > > take up > > > > > > to 20 to 30 minutes to delete all > > existing data > > > > depending on the > > > > > > amount of data saved in the directory. > > > > > > > > > > > > Is there a more efficient way to > > repopulate > > > the 389 > > > > Directory? > > > > > > > > > > Yes. Import an almost empty LDIF file. > > You can > > > also copy the > > > > > on-disk > > > > > database underneath a server (when it is > > shut > > > down), if you > > > > > know what > > > > > you're doing. > > > > > > > > > > -- > > > > > 389 users mailing list > > > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>>> > > > > > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>>>> > > > > > > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > > > -- > > > > > 389 users mailing list > > > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>>> > > > > > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > -- > > > > 389 users mailing list > > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>>> > > > > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > -- > > > > 389 users mailing list > > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > -- > > > 389 users mailing list > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > <mailto:389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org>> > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > -- > > > 389 users mailing list > > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > -- > > 389 users mailing list > > 389-users at lists.fedoraproject.org > > <mailto:389-users at lists.fedoraproject.org> > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > > > > ------------------------------------------------------------------------ > > > > -- > > 389 users mailing list > > 389-users at lists.fedoraproject.org > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100622/0122935e/attachment.html
