Re: [389-users] Directory Re-population

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Rich,

I did some testing and it appears to be working as you expected.
The steps involve
1) Export the directory database to a LDIF
2) Reload the directory database
3) Reinitialize the consumer

I have another question.  I noticed there's an ACI on the directory database LDIF.
aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "l
 dap:///cn=slapd-foo, cn=Red Hat Directory Server, cn=Server Group, cn=
 foo.com, ou=tscei.dd-x.com, o=NetscapeRoot";)

Do I need to modify the hostname in that ACI if I want to load the same directory database into another LDAP?  Essentially I want to use a basic directory database LDIF and load it to a bunch of different development LDAP we have.  Some LDAPs are multi-mastered configured and most are not.

Thanks in advance

- David

On Tue, Jun 22, 2010 at 2:43 PM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:
Chun Tat David Chu wrote:
> Another question about directory re-population.
>
> If I want to create a generic LDIF backup for a bunch of test
> directory servers, in the exported LDIF file, should I remove the
> following attributes? or it doesn't really matter?
> nsUniqueId: 795dca00-5fa011df-8de2866b-a65dc74a
> creatorsName:
> modifiersName: cn=directory manager
> createTimestamp: 20100514213428Z
> modifyTimestamp: 20100514213430Z
I don't think it matters.  I suppose you might want to keep
createTimestamp and modifyTimestamp just for your own information.
>
> My LDIF backup will be imported back to the LDAP using ldif2db.pl
> <http://ldif2db.pl>.
>
> - David
>
> On Fri, Jun 18, 2010 at 4:40 PM, Chun Tat David Chu
> <beyonddc.storage@xxxxxxxxx <mailto:beyonddc.storage@xxxxxxxxx>> wrote:
>
>     Thanks Rich, I'll give that a try.
>
>
>     On Fri, Jun 18, 2010 at 4:20 PM, Rich Megginson
>     <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>> wrote:
>
>         Chun Tat David Chu wrote:
>         > Hi Rich,
>         >
>         > Thanks for replying.
>         >
>         > Just making sure I'm using the right utility.  To
>         reinitialize the
>         > directory, I use the ldif2db.pl <http://ldif2db.pl>
>         <http://ldif2db.pl> Perl script right?
>         Yes, if you need to restore _all_ servers from an LDIF backup.
>          The
>         reason I say _all_ is that when you do a restore from a "raw"
>         LDIF file,
>         this wipes out all of the replication state information and
>         changelog
>         information.  This means you will have to use this server to
>         re-init
>         other masters and consumers - (I mean re-init in the sense of
>         Initializing Consumers -
>         http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Initializing_Consumers.html)
>
>         You can use db2ldif.pl <http://db2ldif.pl> -r to create an
>         LDIF file suitable for offline
>         replica init
>         >
>         > - David
>         >
>         > On Fri, Jun 18, 2010 at 3:58 PM, Rich Megginson
>         <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>
>         > <mailto:rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>>>
>         wrote:
>         >
>         >     Chun Tat David Chu wrote:
>         >     > Hi all,
>         >     >
>         >     > I am hitting an issue with reinitializing the
>         directory database.
>         >     >
>         >     > Basically I have two directory servers and they're
>         configured using
>         >     > multi-master replication scheme.
>         >     >
>         >     > When I reinitialize the directory database, the
>         directory became
>         >     > inaccessible.  I think it is related with my multi-master
>         >     replication
>         >     > setup because when I use only reinitialize one LDAP,
>         it would work
>         >     > just fine
>         >     >
>         >     > My question is if multi-master replication is enabled
>         on two LDAPs
>         >     > then do I need to reinitialize both LDAPs at the same
>         time or
>         >     just one
>         >     > LDAP?
>         >     If you use one master (m1) to re-init the other master
>         (m2), you
>         >     do not
>         >     need to then use m2 to re-init m2.
>         >     >
>         >     > Thanks!
>         >     >
>         >     > - David
>         >     >
>         >     > On Fri, May 14, 2010 at 4:42 PM, Chun Tat David Chu
>         >     > <beyonddc.storage@xxxxxxxxx
>         <mailto:beyonddc.storage@xxxxxxxxx>
>         <mailto:beyonddc.storage@xxxxxxxxx
>         <mailto:beyonddc.storage@xxxxxxxxx>>
>         >     <mailto:beyonddc.storage@xxxxxxxxx
>         <mailto:beyonddc.storage@xxxxxxxxx>
>         >     <mailto:beyonddc.storage@xxxxxxxxx
>         <mailto:beyonddc.storage@xxxxxxxxx>>>> wrote:
>         >     >
>         >     >     Reinitializing the directory database does the
>         trick!  I'm going
>         >     >     to do more testing on it.
>         >     >
>         >     >     Thanks a lot!
>         >     >
>         >     >     - David
>         >     >
>         >     >
>         >     >     On Fri, May 14, 2010 at 1:43 PM, David Boreham
>         >     >     <david_list@xxxxxxxxxxx
>         <mailto:david_list@xxxxxxxxxxx> <mailto:david_list@xxxxxxxxxxx
>         <mailto:david_list@xxxxxxxxxxx>>
>         >     <mailto:david_list@xxxxxxxxxxx
>         <mailto:david_list@xxxxxxxxxxx> <mailto:david_list@xxxxxxxxxxx
>         <mailto:david_list@xxxxxxxxxxx>>>>
>         >     wrote:
>         >     >
>         >     >         On 5/14/2010 11:40 AM, Chun Tat David Chu wrote:
>         >     >         >
>         >     >         > We use 389 Directory as part of our
>         development lab.
>         >      Every
>         >     >         time when
>         >     >         > we do a new test, we need to repopulate our 389
>         >     directory to
>         >     >         a clean
>         >     >         > slate (i.e. delete all existing data and
>         re-create a base
>         >     >         hierarchy
>         >     >         > tree).
>         >     >         >
>         >     >         > Our current way of doing so is simply using
>         the ldapdelete
>         >     >         command to
>         >     >         > remove all existing data and use ldapadd to
>         re-create
>         >     the base
>         >     >         > hierarchy tree.  This approach is okay but
>         sometime it
>         >     could
>         >     >         take up
>         >     >         > to 20 to 30 minutes to delete all existing data
>         >     depending on the
>         >     >         > amount of data saved in the directory.
>         >     >         >
>         >     >         > Is there a more efficient way to repopulate
>         the 389
>         >     Directory?
>         >     >
>         >     >         Yes. Import an almost empty LDIF file. You can
>         also copy the
>         >     >         on-disk
>         >     >         database underneath a server (when it is shut
>         down), if you
>         >     >         know what
>         >     >         you're doing.
>         >     >
>         >     >         --
>         >     >         389 users mailing list
>         >     >         389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>         >     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
>         >     >         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>         >     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>>
>         >     >
>         https://admin.fedoraproject.org/mailman/listinfo/389-users
>         >     >
>         >     >
>         >     >
>         >     >
>         >
>         ------------------------------------------------------------------------
>         >     >
>         >     > --
>         >     > 389 users mailing list
>         >     > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>         >     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
>         >     > https://admin.fedoraproject.org/mailman/listinfo/389-users
>         >
>         >     --
>         >     389 users mailing list
>         >     389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>         >     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
>         >     https://admin.fedoraproject.org/mailman/listinfo/389-users
>         >
>         >
>         >
>         ------------------------------------------------------------------------
>         >
>         > --
>         > 389 users mailing list
>         > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>         > https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>         --
>         389 users mailing list
>         389-users@xxxxxxxxxxxxxxxxxxxxxxx
>         <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>         https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux