Page created: 6 Nov 2019
|
Page updated: 25 Mar 2020
| 1 min read
8.0 Product PingDirectory Product documentation Content Type IT Administrator Administrator Audience Administration User task Software Deployment Method Troubleshooting IT Operations Directory Capability
-
The bin/ldap-diff tool can be used to isolate
conflicting entries between two replicas. The following uses the tool to
search across the entire base DN for any difference in user attributes, and
reports the difference in difference.ldif.
Replace the sourceHost value with the server that needs the adjustment.
$ bin/ldap-diff --sourceHost austin02.exmple.com --sourcePort 1389 \ --sourceBindDN "cn=Directory Manager" --sourceBindPassword pass \ --targetHost austin01.example.com --targetPort 1389 \ --targetBindDN "cn=Directory Manager" --targetBindPassword --baseDN "dc=example,dc=com" --outputLDIF difference.ldif \ --searchFilter "(objectclass=*)" --numPasses 3 "*" pass \ "^userPassword"
-
The difference.ldif file is in a format that
can be used with ldapmodify to apply changes to the
server that contains conflicts. The ldap-diff command must have been run
with the sourceHost value as the server with conflicts.
The following is an example of the contents of difference.ldif:
dn: uid=user.1,ou=people,dc=example,dc=com changetype: modify add: mobile mobile: +1 568 232 6789 - delete: mobile mobile: +1 568 591 7372 -
-
Run bin/ldapmodify to correct the entries on only the
server with conflicts.
$ bin/ldapmodify --bindPassword password -J "1.3.6.1.4.1.30221.1.5.2" \ --filename difference.ldif