[389-users] How to rename DIT?

John A. Sullivan III jsullivan at opensourcedevel.com
Sat Mar 27 14:38:59 UTC 2010 

On Fri, 2010-03-26 at 17:05 -0600, Rich Megginson wrote:
> John A. Sullivan III wrote:
> > On Fri, 2010-03-26 at 16:28 -0600, Rich Megginson wrote:
> >   
> >> John A. Sullivan III wrote:
> >>     
> >>> Hello, all.  We've recently undergone a corporate name and domain
> >>> change, let's say from oldname.biz to newname.com.  Consequently, we
> >>> need to rename the top level of our LDAP structure.  We installed CentOS
> >>> Directory Server 8.1 into dc=oldname,dc=biz and now need that entire
> >>> structure to have dc=newname,dc=com at the top.  Everything else stays
> >>> the same.
> >>>
> >>> I realize I'll need to edit all my ACIs and repoint all my LDAP clients,
> >>> but is there an easy way to rename the tree? I'd hate to try to move all
> >>> the elements (especially since I believe we can only move leaves) and
> >>> worse yet have to recreate the entire tree :-((((
> >>>
> >>> I assume it is not as simple as going to the top level object in the
> >>> directory, going to advanced properties and changing the entrydn.
> >>> Thanks - John
> >>>   
> >>>       
> >> With 389 1.2.6 you can do a subtree rename operation.  Otherwise, I 
> >> suggest you
> >> dump to ldif
> >> run a script on the ldif to convert oldname to newname
> >> import from ldif
> >>     
> > <snip>
> > Yes, the features in 1.2.6 have me drooling! But it looks like I'll need
> > to go the ldif route.  Any caveats, e.g., shutting down dirsrv before
> > starting? Is it as simple as dump, edit, import? Thanks - John
> >   
> Anything under the subtree cn=config will need to be changed after the 
> ldif dump and before importing the new data
> Also, anything under o=NetscapeRoot (if you're using the console) will 
> likely need to change too if it refers to the old suffix
<snip>
Hmm . . . thinking this through in our relatively simple environment -
Single Master, one read only replica, one Windows synchronization
agreement.

If we dump and make the edits to userRoot and NetscapeRoot as well as
editing dse.ldif on each local LDAP server, does that cover everything
(even ACIs as I think about it) or do we still need to go into the
console and cleanup various bits manually including the cn=config (I
thought that was held in dse.ldif? Thanks - John

More information about the 389-users mailing list