The move-subtree tool provides the ability to move multiple entries
listed in a distinguished name (DN) file from one machine to another. Lines that begin
with the octothorpe character (#) and empty lines will be ignored. You can prefix entry
dn: , but long DNs can'tt be wrapped across multiple
In a text editor, create a new text file, enter a list of DNs, one DN per line, and
then save the file.
You can also use the ldapsearch command with the special character
"1.1"to create a file containing a list of DNs that you want to move.
The following example searches for all entries that match
"(department=Engineering)"and returns only the DNs that match the criteria. The results are re-directed to an output file, test-dns.ldif.
$ bin/ldapsearch --baseDN dc=example,dc=com \ --searchScope sub "(department=Engineering)" "1.1" > test-dns.ldif
To specify the file of DNs to move from one machine to another, run the
move-subtree tool with the --entryDNFile
$ bin/move-subtree --sourceHost source.example.com --sourcePort 389 \ --sourceBindDN "uid=admin,dc=example,dc=com" --sourceBindPassword password \ --targetHost target.example.com --targetPort 389 \ --targetBindDN "uid=admin,dc=example,dc=com" --targetBindPassword password \ --entryDNFile /path/to/file/test-dns.ldifNote:
If an error occurs with one of the DNs in the file, the output message shows the error. The
move-subtreetool keeps processing the remaining DNs in the file.
An error occurred while communicating with the target server: The entry uid=user.2,ou=People,dc=example,dc=com cannot be added because an entry with that name already exists Entry uid=user.3,ou=People,dc=example,dc=com was successfully moved from source.example.com:389 to target.example.com:389 Entry uid=user.4,ou=People,dc=example,dc=com was successfully moved from source.example.com:389 to target.example.com:389