John A. Sullivan III wrote: > On Fri, 2010-03-26 at 17:05 -0600, Rich Megginson wrote: > >> John A. Sullivan III wrote: >> >>> On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote: >>> >>> >>>> John A. Sullivan III wrote: >>>> >>>> >>>>> Hello, all. We've recently undergone a corporate name and domain >>>>> change, let's say from oldname.biz to newname.com. Consequently, we >>>>> need to rename the top level of our LDAP structure. We installed CentOS >>>>> Directory Server 8.1 into dc=oldname,dc=biz and now need that entire >>>>> structure to have dc=newname,dc=com at the top. Everything else stays >>>>> the same. >>>>> >>>>> I realize I'll need to edit all my ACIs and repoint all my LDAP clients, >>>>> but is there an easy way to rename the tree? I'd hate to try to move all >>>>> the elements (especially since I believe we can only move leaves) and >>>>> worse yet have to recreate the entire tree :-(((( >>>>> >>>>> I assume it is not as simple as going to the top level object in the >>>>> directory, going to advanced properties and changing the entrydn. >>>>> Thanks - John >>>>> >>>>> >>>>> >>>> With 389 1.2.6 you can do a subtree rename operation. Otherwise, I >>>> suggest you >>>> dump to ldif >>>> run a script on the ldif to convert oldname to newname >>>> import from ldif >>>> >>>> >>> <snip> >>> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need >>> to go the ldif route. Any caveats, e.g., shutting down dirsrv before >>> starting? Is it as simple as dump, edit, import? Thanks - John >>> >>> >> Anything under the subtree cn=config will need to be changed after the >> ldif dump and before importing the new data >> Also, anything under o=NetscapeRoot (if you're using the console) will >> likely need to change too if it refers to the old suffix >> > <snip> > Hmm . . . thinking this through in our relatively simple environment - > Single Master, one read only replica, one Windows synchronization > agreement. > > If we dump and make the edits to userRoot and NetscapeRoot as well as > editing dse.ldif on each local LDAP server, does that cover everything > (even ACIs as I think about it) Yes > or do we still need to go into the > console and cleanup various bits manually including the cn=config (I > thought that was held in dse.ldif? You should not have to change anything in the console. > Thanks - John > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
