Oracle DBA Tips Corner

     Return to the Oracle DBA Tips Corner.

click me  

Loading a LDIF file created with ldifwrite

by Jeff Hunter, Sr. Database Administrator

Contents

  1. Overview
  2. Fix LDIF File For Reloading

Overview

The purpose of this document is to provide a script that can be usd to remove operational attributes from a LDIF file before loading it to the directory.

When the OID command tool ldifwrite is used to unload directory data, by default, it also unloads operational attributes, such as orclguid, creatorsname, createtimestamp, modifiersname and modifytimestamp. Then when using the OID command tool ldapadd to load this LDIF file, these attributes result in a runtime error: ldap_add: Constraint violation.

This procedure will present a script that can be used to remove these entries from the LDIF file allowing you to proceed with the load.

NOTE: If the LDIF file was created with ldapsearch rather than ldifwrite, this is not a problem as operational attributes are not unloaded and written to the LDIF file at all.

Fix LDIF File For Reloading

  1. Copy the following lines into a file named fixLDIFFile and modify according to your environment. Make sure the ldapmodify command is ALL on a single line.

  2. Make the file executable... 
    # chmod +x fixLDIFFile
    ====================COPY EVERYTHING BELOW THIS LINE============================
#!/bin/ksh
#
# fix ldifwrite file so it can be loaded into an existing OID database
#
print "Removing Offending Entries"
egrep -v "orclguid|creatorsname|modifiersname|createtimestamp|modifytimestamp|pwdchangedtime" dumped.ldif > new.ldif
print "Removing Offending Entries"
ldapmodify -a -c -p 389 -h alex -D cn=orcladmin -w  -v -f ./new.ldif
print "Retrieve the New Entries"
ldapsearch -p 389 -h alex -b "" -v objectclass=*
====================COPY EVERYTHING UP TO THIS LINE============================
  3. Run your command.

    NOTE: the script will retrieve the entries to verify that the command worked.

  4. See Guide ct to see chapter on Password Policy in OID Admin Guide:

    In addition, the object class top contains these operational attributes, to maintain the user-password state information for each user entry.

    • pwdChangedtime: The timestamp of the user password creation or modification.
    • pwdExpirationWarned: The time at which the first password expiration warning is been sent to the user.
    • pwdFailuretime: The timestamp of consecutive failed login attempts by the user.
    • pwdAccountLockedTime: The time at which the user account was locked.
    • pwdReset: Requirement for the user to change the password, if this attribute is enabled.
    • pwdGraceUseTime: The time stamps of each grace login by the user.

Copyright (c) 1998-2010 Jeffrey M. Hunter. All rights reserved.

All articles, scripts and material located at the Internet address of http://www.idevelopment.info is the copyright of Jeffrey M. Hunter and is protected under copyright laws of the United States. This document may not be hosted on any other site without my express, prior, written permission. Application to host any of the material elsewhere can be made by contacting me at jhunter@idevelopment.info.

I have made every effort and taken great care in making sure that the material included on my web site is technically accurate, but I disclaim any and all responsibility for any loss, damage or destruction of data or any other property which may arise from relying on it. I will in no case be liable for any monetary damages arising from such loss, damage or destruction.

Last modified on
Tuesday, 23-Dec-2003 00:00:00 EST
Page Count: 7558