I did some testing and it appears to be working as you expected.
The steps involve
1) Export the directory database to a LDIF
2) Reload the directory database
3) Reinitialize the consumer
I have another question. I noticed there's an ACI on the directory database LDIF.
aci: (targetattr = "*")(version 3.0; acl "SIE Group"; allow (all) groupdn = "l
dap:///cn=slapd-foo, cn=Red Hat Directory Server, cn=Server Group, cn=
foo.com, ou=tscei.dd-x.com, o=NetscapeRoot";)
Do I need to modify the hostname in that ACI if I want to load the same directory database into another LDAP? Essentially I want to use a basic directory database LDIF and load it to a bunch of different development LDAP we have. Some LDAPs are multi-mastered configured and most are not.
Thanks in advance
- David
On Tue, Jun 22, 2010 at 2:43 PM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:
Chun Tat David Chu wrote:
> Another question about directory re-population.I don't think it matters. I suppose you might want to keep
>
> If I want to create a generic LDIF backup for a bunch of test
> directory servers, in the exported LDIF file, should I remove the
> following attributes? or it doesn't really matter?
> nsUniqueId: 795dca00-5fa011df-8de2866b-a65dc74a
> creatorsName:
> modifiersName: cn=directory manager
> createTimestamp: 20100514213428Z
> modifyTimestamp: 20100514213430Z
createTimestamp and modifyTimestamp just for your own information.
> <http://ldif2db.pl>.
>
> - David
>
> On Fri, Jun 18, 2010 at 4:40 PM, Chun Tat David Chu
> <beyonddc.storage@xxxxxxxxx <mailto:beyonddc.storage@xxxxxxxxx>> wrote:
>
> Thanks Rich, I'll give that a try.
>
>
> On Fri, Jun 18, 2010 at 4:20 PM, Rich Megginson
> > Hi Rich,> You can use db2ldif.pl <http://db2ldif.pl> -r to create an
> >
> > Thanks for replying.
> >
> > Just making sure I'm using the right utility. To
> reinitialize the
> > directory, I use the ldif2db.pl <http://ldif2db.pl>
> <http://ldif2db.pl> Perl script right?
> Yes, if you need to restore _all_ servers from an LDIF backup.
> The
> reason I say _all_ is that when you do a restore from a "raw"
> LDIF file,
> this wipes out all of the replication state information and
> changelog
> information. This means you will have to use this server to
> re-init
> other masters and consumers - (I mean re-init in the sense of
> Initializing Consumers -
> http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Initializing_Consumers.html)
>
> LDIF file suitable for offline> > <mailto:rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>>>
> replica init
> >
> > - David
> >
> > On Fri, Jun 18, 2010 at 3:58 PM, Rich Megginson
> <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>
> wrote:
> >
> > Chun Tat David Chu wrote:
> > > Hi all,
> > >
> > > I am hitting an issue with reinitializing the
> directory database.
> > >
> > > Basically I have two directory servers and they're
> configured using
> > > multi-master replication scheme.
> > >
> > > When I reinitialize the directory database, the
> directory became
> > > inaccessible. I think it is related with my multi-master
> > replication
> > > setup because when I use only reinitialize one LDAP,
> it would work
> > > just fine
> > >
> > > My question is if multi-master replication is enabled
> on two LDAPs
> > > then do I need to reinitialize both LDAPs at the same
> time or
> > just one
> > > LDAP?
> > If you use one master (m1) to re-init the other master
> (m2), you
> > do not
> > need to then use m2 to re-init m2.
> > >
> > > Thanks!
> > >
> > > - David
> > >
> > > On Fri, May 14, 2010 at 4:42 PM, Chun Tat David Chu
> > > <beyonddc.storage@xxxxxxxxx
> <mailto:beyonddc.storage@xxxxxxxxx>
> <mailto:beyonddc.storage@xxxxxxxxx
> <mailto:beyonddc.storage@xxxxxxxxx>>
> > <mailto:beyonddc.storage@xxxxxxxxx
> <mailto:beyonddc.storage@xxxxxxxxx>
> > <mailto:beyonddc.storage@xxxxxxxxx
> <mailto:beyonddc.storage@xxxxxxxxx>>>> wrote:
> > >
> > > Reinitializing the directory database does the
> trick! I'm going
> > > to do more testing on it.
> > >
> > > Thanks a lot!
> > >
> > > - David
> > >
> > >
> > > On Fri, May 14, 2010 at 1:43 PM, David Boreham
> > > <david_list@xxxxxxxxxxx
> <mailto:david_list@xxxxxxxxxxx> <mailto:david_list@xxxxxxxxxxx
> <mailto:david_list@xxxxxxxxxxx>>
> > <mailto:david_list@xxxxxxxxxxx
> <mailto:david_list@xxxxxxxxxxx> <mailto:david_list@xxxxxxxxxxx
> <mailto:david_list@xxxxxxxxxxx>>>>
> > wrote:
> > >
> > > On 5/14/2010 11:40 AM, Chun Tat David Chu wrote:
> > > >
> > > > We use 389 Directory as part of our
> development lab.
> > Every
> > > time when
> > > > we do a new test, we need to repopulate our 389
> > directory to
> > > a clean
> > > > slate (i.e. delete all existing data and
> re-create a base
> > > hierarchy
> > > > tree).
> > > >
> > > > Our current way of doing so is simply using
> the ldapdelete
> > > command to
> > > > remove all existing data and use ldapadd to
> re-create
> > the base
> > > > hierarchy tree. This approach is okay but
> sometime it
> > could
> > > take up
> > > > to 20 to 30 minutes to delete all existing data
> > depending on the
> > > > amount of data saved in the directory.
> > > >
> > > > Is there a more efficient way to repopulate
> the 389
> > Directory?
> > >
> > > Yes. Import an almost empty LDIF file. You can
> also copy the
> > > on-disk
> > > database underneath a server (when it is shut
> down), if you
> > > know what
> > > you're doing.
> > >
> > > --
> > > 389 users mailing list
> > > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
> > <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
> > > <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
> > <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>>
> > >
> https://admin.fedoraproject.org/mailman/listinfo/389-users
> > >
> > >
> > >
> > >
> >
> ------------------------------------------------------------------------
> > >
> > > --
> > > 389 users mailing list
> > > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
> > <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
> > > https://admin.fedoraproject.org/mailman/listinfo/389-users
> >
> > --
> > 389 users mailing list
> > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
> > <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
> > https://admin.fedoraproject.org/mailman/listinfo/389-users
> >
> >
> >
> ------------------------------------------------------------------------
> >
> > --
> > 389 users mailing list
> > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
> > https://admin.fedoraproject.org/mailman/listinfo/389-users
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
