PingDirectory

Fixing a modify conflict

Steps

  1. To isolate conflicting entries between two replicas, use the bin/ldap-diff tool.

    Replace the sourceHost value with the server that needs the adjustment.

    Example:

    The following example uses the tool to search across the entire base distinguish name (DN) for any difference in user attributes and reports the difference in difference.ldif.

    $ bin/ldap-diff \
  --sourceHost austin02.exmple.com --sourcePort 1389 \
  --sourceBindDN "cn=Directory Manager" --sourceBindPassword pass \
  --targetHost austin01.example.com --targetPort 1389 \
  --targetBindDN "cn=Directory Manager" --targetBindPassword \
  --baseDN "dc=example,dc=com" --outputLDIF difference.ldif \
  --searchFilter "(objectclass=*)" --numPasses 3 "*" pass \
  "^userPassword"

  2. To apply changes to the server that contains conflicts, use the difference.ldif file in a format compatible with ldapmodify.

    Run ldap-diff command with the sourceHost value as the server with conflicts.

    Example:

    The following is an example of the contents of difference.ldif file.

    dn: uid=user.1,ou=people,dc=example,dc=com
                        changetype: modify
                        add: mobile
                        mobile: +1 568 232 6789
                        -
                        delete: mobile
                        mobile: +1 568 591 7372
                        -

  3. To correct the entries on the sole server with conflicts, run bin/ldapmodify.

    Example:

    $ bin/ldapmodify --bindPassword <password> -J "1.3.6.1.4.1.30221.1.5.2" \
  --filename difference.ldif