• Use ldap-diff to compare the entries in two Directory Server instances. In the following example, the utility uses a single DN input file for the source and target servers, so that no search filter is used. Ignore the userpassword attribute due to the password storage scheme that uses a one-way hashing algorithm.
    $ bin/ldap-diff --outputLDIF difference.ldif \ 
      --sourceHost server1.example.com --sourcePort 1389 \ 
      --sourceBindDN "cn=Directory Manager" --sourceBindPassword secret1 \ 
      --targetHost server2.example.com --targetPort 2389 \ 
      --targetBindDN "cn=Directory Manager" --targetBindPassword secret2 \ 
      --baseDN "dc=example,dc=com" --sourceDNsFile input-file.ldif \ 
      --targetDNsFile input-file.ldif "^userpassword"