5:17 p.m.
Hello, all. We've recently undergone a corporate name and domain
change, let's say from oldname.biz to newname.com. Consequently, we
need to rename the top level of our LDAP structure. We installed CentOS
Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
structure to have dc=newname,dc=com at the top. Everything else stays
the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients,
but is there an easy way to rename the tree? I'd hate to try to move all
the elements (especially since I believe we can only move leaves) and
worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the
directory, going to advanced properties and changing the entrydn.
Thanks - John
5:28 p.m.
John A. Sullivan III wrote:
Hello, all. We've recently undergone a corporate name and
domain
change, let's say from oldname.biz to newname.com. Consequently, we
need to rename the top level of our LDAP structure. We installed CentOS
Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
structure to have dc=newname,dc=com at the top. Everything else stays
the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients,
but is there an easy way to rename the tree? I'd hate to try to move all
the elements (especially since I believe we can only move leaves) and
worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the
directory, going to advanced properties and changing the entrydn.
Thanks - John
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I
suggest you
dump to ldif
run a script on the ldif to convert oldname to newname
import from ldif
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
5:53 p.m.
On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
> Hello, all. We've recently undergone a corporate name and domain
> change, let's say from oldname.biz to newname.com. Consequently, we
> need to rename the top level of our LDAP structure. We installed CentOS
> Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
> structure to have dc=newname,dc=com at the top. Everything else stays
> the same.
>
> I realize I'll need to edit all my ACIs and repoint all my LDAP clients,
> but is there an easy way to rename the tree? I'd hate to try to move all
> the elements (especially since I believe we can only move leaves) and
> worse yet have to recreate the entire tree :-((((
>
> I assume it is not as simple as going to the top level object in the
> directory, going to advanced properties and changing the entrydn.
> Thanks - John
>
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I
suggest you
dump to ldif
run a script on the ldif to convert oldname to newname
import from ldif
<snip>
Yes, the features in 1.2.6 have me drooling! But it looks like I'll need
to go the ldif route. Any caveats, e.g., shutting down dirsrv before
starting? Is it as simple as dump, edit, import? Thanks - John
6:05 p.m.
John A. Sullivan III wrote:
On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
> John A. Sullivan III wrote:
>
>> Hello, all. We've recently undergone a corporate name and domain
>> change, let's say from oldname.biz to newname.com. Consequently, we
>> need to rename the top level of our LDAP structure. We installed CentOS
>> Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
>> structure to have dc=newname,dc=com at the top. Everything else stays
>> the same.
>>
>> I realize I'll need to edit all my ACIs and repoint all my LDAP clients,
>> but is there an easy way to rename the tree? I'd hate to try to move all
>> the elements (especially since I believe we can only move leaves) and
>> worse yet have to recreate the entire tree :-((((
>>
>> I assume it is not as simple as going to the top level object in the
>> directory, going to advanced properties and changing the entrydn.
>> Thanks - John
>>
>>
> With 389 1.2.6 you can do a subtree rename operation. Otherwise, I
> suggest you
> dump to ldif
> run a script on the ldif to convert oldname to newname
> import from ldif
>
<snip>
Yes, the features in 1.2.6 have me drooling! But it looks like I'll need
to go the ldif route. Any caveats, e.g., shutting down dirsrv before
starting? Is it as simple as dump, edit, import? Thanks - John
Anything under the subtree cn=config will need to be changed after the
ldif dump and before importing the new data
Also, anything under o=NetscapeRoot (if you're using the console) will
likely need to change too if it refers to the old suffix
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
9:38 a.m.
On Fri, 2010-03-26 at 17:05 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
> On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
>
>> John A. Sullivan III wrote:
>>
>>> Hello, all. We've recently undergone a corporate name and domain
>>> change, let's say from oldname.biz to newname.com. Consequently, we
>>> need to rename the top level of our LDAP structure. We installed CentOS
>>> Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
>>> structure to have dc=newname,dc=com at the top. Everything else stays
>>> the same.
>>>
>>> I realize I'll need to edit all my ACIs and repoint all my LDAP
clients,
>>> but is there an easy way to rename the tree? I'd hate to try to move
all
>>> the elements (especially since I believe we can only move leaves) and
>>> worse yet have to recreate the entire tree :-((((
>>>
>>> I assume it is not as simple as going to the top level object in the
>>> directory, going to advanced properties and changing the entrydn.
>>> Thanks - John
>>>
>>>
>> With 389 1.2.6 you can do a subtree rename operation. Otherwise, I
>> suggest you
>> dump to ldif
>> run a script on the ldif to convert oldname to newname
>> import from ldif
>>
> <snip>
> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need
> to go the ldif route. Any caveats, e.g., shutting down dirsrv before
> starting? Is it as simple as dump, edit, import? Thanks - John
>
Anything under the subtree cn=config will need to be changed after the
ldif dump and before importing the new data
Also, anything under o=NetscapeRoot (if you're using the console) will
likely need to change too if it refers to the old suffix
<snip>
Hmm . . . thinking this through in our relatively simple environment -
Single Master, one read only replica, one Windows synchronization
agreement.
If we dump and make the edits to userRoot and NetscapeRoot as well as
editing dse.ldif on each local LDAP server, does that cover everything
(even ACIs as I think about it) or do we still need to go into the
console and cleanup various bits manually including the cn=config (I
thought that was held in dse.ldif? Thanks - John
8:28 a.m.
John A. Sullivan III wrote:
On Fri, 2010-03-26 at 17:05 -0600, Rich Megginson wrote:
> John A. Sullivan III wrote:
>
>> On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
>>
>>
>>> John A. Sullivan III wrote:
>>>
>>>
>>>> Hello, all. We've recently undergone a corporate name and domain
>>>> change, let's say from oldname.biz to newname.com. Consequently, we
>>>> need to rename the top level of our LDAP structure. We installed CentOS
>>>> Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
>>>> structure to have dc=newname,dc=com at the top. Everything else stays
>>>> the same.
>>>>
>>>> I realize I'll need to edit all my ACIs and repoint all my LDAP
clients,
>>>> but is there an easy way to rename the tree? I'd hate to try to move
all
>>>> the elements (especially since I believe we can only move leaves) and
>>>> worse yet have to recreate the entire tree :-((((
>>>>
>>>> I assume it is not as simple as going to the top level object in the
>>>> directory, going to advanced properties and changing the entrydn.
>>>> Thanks - John
>>>>
>>>>
>>>>
>>> With 389 1.2.6 you can do a subtree rename operation. Otherwise, I
>>> suggest you
>>> dump to ldif
>>> run a script on the ldif to convert oldname to newname
>>> import from ldif
>>>
>>>
>> <snip>
>> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need
>> to go the ldif route. Any caveats, e.g., shutting down dirsrv before
>> starting? Is it as simple as dump, edit, import? Thanks - John
>>
>>
> Anything under the subtree cn=config will need to be changed after the
> ldif dump and before importing the new data
> Also, anything under o=NetscapeRoot (if you're using the console) will
> likely need to change too if it refers to the old suffix
>
<snip>
Hmm . . . thinking this through in our relatively simple environment -
Single Master, one read only replica, one Windows synchronization
agreement.
If we dump and make the edits to userRoot and NetscapeRoot as well as
editing dse.ldif on each local LDAP server, does that cover everything
(even ACIs as I think about it)
Yes
or do we still need to go into the
console and cleanup various bits manually including the cn=config (I
thought that was held in dse.ldif?
You should not have to change anything in the
console.
Thanks - John
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
4998
days inactive
5001
days old
389-users@lists.fedoraproject.org
5 comments
2 participants
participants (2)
-
John A. Sullivan III -
Rich Megginson