Page created: 22 Jul 2020
|
Page updated: 1 Feb 2021
| 1 min read
8.2 Product PingDirectory Directory Capability Product documentation Content Type Administration User task IT Administrator Administrator Audience Software Deployment Method Troubleshooting IT Operations
-
The bin/ldap-diff tool can be used to isolate
conflicting entries between two replicas. The following uses the tool to
search across the entire base DN for any difference in user attributes, and
reports the difference in difference.ldif.
Replace the sourceHost value with the server that needs the adjustment.
$ bin/ldap-diff --sourceHost austin02.exmple.com --sourcePort 1389 \ --sourceBindDN "cn=Directory Manager" --sourceBindPassword pass \ --targetHost austin01.example.com --targetPort 1389 \ --targetBindDN "cn=Directory Manager" --targetBindPassword --baseDN "dc=example,dc=com" --outputLDIF difference.ldif \ --searchFilter "(objectclass=*)" --numPasses 3 "*" pass \ "^userPassword"
-
The difference.ldif file is in a format that
can be used with ldapmodify to apply changes to the
server that contains conflicts. The ldap-diff command must have been run
with the sourceHost value as the server with conflicts.
The following is an example of the contents of difference.ldif:
dn: uid=user.1,ou=people,dc=example,dc=com changetype: modify add: mobile mobile: +1 568 232 6789 - delete: mobile mobile: +1 568 591 7372 -
-
Run bin/ldapmodify to correct the entries on only the
server with conflicts.
$ bin/ldapmodify --bindPassword password -J "1.3.6.1.4.1.30221.1.5.2" \ --filename difference.ldif