Hello, all. We've recently undergone a corporate name and domain change, let's say from oldname.biz to newname.com. Consequently, we need to rename the top level of our LDAP structure. We installed CentOS Directory Server 8.1 into dc=oldname,dc=biz and now need that entire structure to have dc=newname,dc=com at the top. Everything else stays the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients, but is there an easy way to rename the tree? I'd hate to try to move all the elements (especially since I believe we can only move leaves) and worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the directory, going to advanced properties and changing the entrydn. Thanks - John
John A. Sullivan III wrote:
Hello, all. We've recently undergone a corporate name and domain change, let's say from oldname.biz to newname.com. Consequently, we need to rename the top level of our LDAP structure. We installed CentOS Directory Server 8.1 into dc=oldname,dc=biz and now need that entire structure to have dc=newname,dc=com at the top. Everything else stays the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients, but is there an easy way to rename the tree? I'd hate to try to move all the elements (especially since I believe we can only move leaves) and worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the directory, going to advanced properties and changing the entrydn. Thanks - John
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I suggest you dump to ldif run a script on the ldif to convert oldname to newname import from ldif
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
Hello, all. We've recently undergone a corporate name and domain change, let's say from oldname.biz to newname.com. Consequently, we need to rename the top level of our LDAP structure. We installed CentOS Directory Server 8.1 into dc=oldname,dc=biz and now need that entire structure to have dc=newname,dc=com at the top. Everything else stays the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients, but is there an easy way to rename the tree? I'd hate to try to move all the elements (especially since I believe we can only move leaves) and worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the directory, going to advanced properties and changing the entrydn. Thanks - John
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I suggest you dump to ldif run a script on the ldif to convert oldname to newname import from ldif
<snip> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need to go the ldif route. Any caveats, e.g., shutting down dirsrv before starting? Is it as simple as dump, edit, import? Thanks - John
John A. Sullivan III wrote:
On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
Hello, all. We've recently undergone a corporate name and domain change, let's say from oldname.biz to newname.com. Consequently, we need to rename the top level of our LDAP structure. We installed CentOS Directory Server 8.1 into dc=oldname,dc=biz and now need that entire structure to have dc=newname,dc=com at the top. Everything else stays the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients, but is there an easy way to rename the tree? I'd hate to try to move all the elements (especially since I believe we can only move leaves) and worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the directory, going to advanced properties and changing the entrydn. Thanks - John
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I suggest you dump to ldif run a script on the ldif to convert oldname to newname import from ldif
<snip> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need to go the ldif route. Any caveats, e.g., shutting down dirsrv before starting? Is it as simple as dump, edit, import? Thanks - John
Anything under the subtree cn=config will need to be changed after the ldif dump and before importing the new data Also, anything under o=NetscapeRoot (if you're using the console) will likely need to change too if it refers to the old suffix
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
On Fri, 2010-03-26 at 17:05 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
Hello, all. We've recently undergone a corporate name and domain change, let's say from oldname.biz to newname.com. Consequently, we need to rename the top level of our LDAP structure. We installed CentOS Directory Server 8.1 into dc=oldname,dc=biz and now need that entire structure to have dc=newname,dc=com at the top. Everything else stays the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients, but is there an easy way to rename the tree? I'd hate to try to move all the elements (especially since I believe we can only move leaves) and worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the directory, going to advanced properties and changing the entrydn. Thanks - John
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I suggest you dump to ldif run a script on the ldif to convert oldname to newname import from ldif
<snip> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need to go the ldif route. Any caveats, e.g., shutting down dirsrv before starting? Is it as simple as dump, edit, import? Thanks - John
Anything under the subtree cn=config will need to be changed after the ldif dump and before importing the new data Also, anything under o=NetscapeRoot (if you're using the console) will likely need to change too if it refers to the old suffix
<snip> Hmm . . . thinking this through in our relatively simple environment - Single Master, one read only replica, one Windows synchronization agreement.
If we dump and make the edits to userRoot and NetscapeRoot as well as editing dse.ldif on each local LDAP server, does that cover everything (even ACIs as I think about it) or do we still need to go into the console and cleanup various bits manually including the cn=config (I thought that was held in dse.ldif? Thanks - John
John A. Sullivan III wrote:
On Fri, 2010-03-26 at 17:05 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
John A. Sullivan III wrote:
Hello, all. We've recently undergone a corporate name and domain change, let's say from oldname.biz to newname.com. Consequently, we need to rename the top level of our LDAP structure. We installed CentOS Directory Server 8.1 into dc=oldname,dc=biz and now need that entire structure to have dc=newname,dc=com at the top. Everything else stays the same.
I realize I'll need to edit all my ACIs and repoint all my LDAP clients, but is there an easy way to rename the tree? I'd hate to try to move all the elements (especially since I believe we can only move leaves) and worse yet have to recreate the entire tree :-((((
I assume it is not as simple as going to the top level object in the directory, going to advanced properties and changing the entrydn. Thanks - John
With 389 1.2.6 you can do a subtree rename operation. Otherwise, I suggest you dump to ldif run a script on the ldif to convert oldname to newname import from ldif
<snip> Yes, the features in 1.2.6 have me drooling! But it looks like I'll need to go the ldif route. Any caveats, e.g., shutting down dirsrv before starting? Is it as simple as dump, edit, import? Thanks - John
Anything under the subtree cn=config will need to be changed after the ldif dump and before importing the new data Also, anything under o=NetscapeRoot (if you're using the console) will likely need to change too if it refers to the old suffix
<snip> Hmm . . . thinking this through in our relatively simple environment - Single Master, one read only replica, one Windows synchronization agreement.
If we dump and make the edits to userRoot and NetscapeRoot as well as editing dse.ldif on each local LDAP server, does that cover everything (even ACIs as I think about it)
Yes
or do we still need to go into the console and cleanup various bits manually including the cn=config (I thought that was held in dse.ldif?
You should not have to change anything in the console.
Thanks - John
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org
-
John A. Sullivan III -
Rich Megginson