The move-subtree tool can move multiple entries listed in a distinguished name (DN) file from one machine to another. Lines that begin with the octothorpe character (#) and empty lines are ignored. You can prefix entry DNs with dn:, but long DNs can't be wrapped across multiple lines.

  1. In a text editor, create a new text file, enter a list of DNs, one DN per line, and then save the file.

    You can also use the ldapsearch command with the special character "1.1" to create a file containing a list of DNs that you want to move.

    The following example searches for all entries that match "(department=Engineering)" and returns only the DNs that match the criteria. The results are redirected to an output file, test-dns.ldif.

    $ bin/ldapsearch --baseDN dc=example,dc=com \
      --searchScope sub "(department=Engineering)" "1.1" > test-dns.ldif
  2. To specify the file of DNs to move from one machine to another, run the move-subtree tool with the --entryDNFile option.
    $ bin/move-subtree --sourceHost source.example.com --sourcePort 389 \
      --sourceBindDN "uid=admin,dc=example,dc=com" --sourceBindPassword password \
      --targetHost target.example.com --targetPort 389 \
      --targetBindDN "uid=admin,dc=example,dc=com" --targetBindPassword password \
      --entryDNFile /path/to/file/test-dns.ldif
    Note:

    If an error occurs with one of the DNs in the file, the output message shows the error. The move-subtree tool keeps processing the remaining DNs in the file.

    An error occurred while communicating with the target server: The entry 
    uid=user.2,ou=People,dc=example,dc=com cannot be added because an entry with that name 
    already exists
    Entry uid=user.3,ou=People,dc=example,dc=com was successfully moved from 
    source.example.com:389 to target.example.com:389
    Entry uid=user.4,ou=People,dc=example,dc=com was successfully moved from 
    source.example.com:389 to target.example.com:389
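A pre-flight check for the DN file format described at the top of this page, useful when the file comes from redirected ldapsearch output that may contain wrapped lines. This is an added example, not part of the product or its documentation; the function name, the sample data, and the handling of `dn::` lines, duplicates, and prefix case are assumptions.

```python
import re

# "dn:" prefix is optional per the page; case-insensitive match is an assumption.
DN_PREFIX = re.compile(r"^dn:\s*", re.IGNORECASE)

# Constructed sample: ldapsearch output redirected to test-dns.ldif.
SAMPLE = """\
# engineering entries to move
dn: uid=user.2,ou=People,dc=example,dc=com

dn: uid=user.3,ou=People,dc=example,dc=com

dn: uid=a.very.long.user.identifier,ou=Contractors,ou=Engineering,ou=People,dc=e
 xample,dc=com

uid=user.2,ou=People,dc=example,dc=com
"""

def check_dn_file(text):
    """Return (dns, problems); problems is a list of (line_number, reason)."""
    dns, problems = [], []
    prev_dn_line = None  # line number of the most recently accepted DN
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip() or line.startswith("#"):
            continue  # empty lines and comment lines are ignored by the tool
        if line[0] == " ":
            # LDIF continuation line: the DN on the previous line was wrapped.
            problems.append((lineno, "wrapped DN (continuation line)"))
            if prev_dn_line == lineno - 1:
                dns.pop()  # drop the truncated first half
            prev_dn_line = None
            continue
        if line.lower().startswith("dn::"):
            # Base64 form; the page documents only the plain "dn:" prefix.
            problems.append((lineno, "base64 dn:: value, review manually"))
            continue
        dn = DN_PREFIX.sub("", line).strip()
        if "=" not in dn:
            problems.append((lineno, "does not look like a DN"))
        elif dn.lower() in (d.lower() for d in dns):
            # Simplified comparison; real DN matching rules are richer.
            problems.append((lineno, "duplicate DN"))
        else:
            dns.append(dn)
            prev_dn_line = lineno
    return dns, problems

if __name__ == "__main__":
    good, bad = check_dn_file(SAMPLE)
    print(f"{len(good)} usable DNs")
    for lineno, reason in bad:
        print(f"line {lineno}: {reason}")
```

Run it against the file before passing it to --entryDNFile, and regenerate or hand-fix any line it reports.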