• Use ldap-diff to compare two Directory Servers and return only those entries that are missing on one of the servers using the --missingOnly option, which can significantly reduce the runtime for this utility.
    $ bin/ldap-diff --outputLDIF difference.ldif \ 
      --sourceHost server1.example.com --sourcePort 1389 \ 
      --sourceBindDN "cn=Directory Manager" --sourceBindPassword secret1 \ 
      --targetHost server2.example.com --targetPort 2389 \ 
      --targetBindDN "cn=Directory Manager" --targetBindPassword secret2 \ 
      --baseDN dc=example,dc=com --searchFilter "(objectclass=*)" "^userpassword" \
      --missingOnly