PingDirectory

Performing post-LDIF-export task processing

When you invoke an LDIF export as an administrative task, the server can perform additional processing after successfully writing the LDIF file.

About this task

Although you can use the Server SDK to develop custom post-LDIF-export task processors, the server also provides the upload-to-s3 processor type, which you can use to upload the resulting LDIF file to a specified Amazon S3 bucket as a means of an off-site backup mechanism.

To configure the post-LDIF-export upload to the S3 bucket:

Steps

  1. If the server isn’t configured with an appropriate Amazon AWS external server definition, create one with the necessary settings for connecting and authenticating to the AWS service.

    Example:

    dsconfig create-external-server \
      --server-name AWS \
      --type amazon-aws \
      --set authentication-method:access-key \
      --set aws-access-key-id:<accessKeyID>  \
      --set aws-secret-access-key:<secretAccessKey>  \
      --set aws-region-name:us-east-1
  2. Configure an instance of the upload-to-s3 post-LDIF-export task processor with the appropriate settings.

    Example:

    dsconfig create-post-ldif-export-task-processor \
      --processor-name "Upload to S3" \
      --type upload-to-s3 \
      --set enabled:true \
      --set aws-external-server:AWS \
      --set s3-bucket-name:<bucketName>  \
      --set maximum-file-count-to-retain:20 \
      --set "maximum-file-age-to-retain:1 w"
  3. When performing an LDIF export as an administrative task using the export-ldif tool, use the --postExportProcessor argument with the processor-name value of the desired post-LDIF-export task processor.

    Example:

    bin/export-ldif \
      --task \
      --hostname ds.example.com \
      --port 636 \
      --useSSL \
      --bindDN uid=admin,dc=example,dc=com \
      --bindPasswordFile /path/to/admin-password.txt \
      --backendID userRoot \
      --ldifFile ldif/userRoot.ldif \
      --postExportProcessor "Upload to S3"

    To specify that a post-LDIF-export task processor should be used when performing an automated LDIF export through a recurring task, set the post-ldif-export-task-processor property in the configuration for the recurring task.