Export all old Entries of ldif Files from server with ldaptool and reimport them - ldap

I tried to export all Entries that were already imported with ldaptools, and I used this:
.\ldapsearch.exe -x -c -h example -D "uid=admin,ou=system" -w secret -b "example" > output_file.ldif
But I did not get the same order; in particular, some Entries were with "add: uniqueMember".
Any tips to export them to get the same as the original files?

The LDAP (protocol) does not ensure the order of returned Attributes or Values.
There is nothing in LDAP that will help.
You would have to order them on your client.
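Ordering on the client, as an added example that is not part of the original answer: the Python sketch below parses LDIF content records such as those ldapsearch returns and re-emits them parent-first with attribute values sorted, so two exports can be diffed and a file can be re-imported top-down. The sample data and the function names are constructed for illustration.

```python
import base64
import re

# Constructed sample: children before parents, a folded line, a base64 DN
# and multi-valued attributes in arbitrary order.
SAMPLE = """\
dn: cn=myusers,ou=groups,dc=example,dc=com
uniqueMember: uid=zoe,ou=people,dc=example,dc=com
uniqueMember: uid=adam,ou=people,dc=exam
 ple,dc=com
objectClass: groupOfUniqueNames
cn: myusers

dn:: b3U9Z3JvdXBzLGRjPWV4YW1wbGUsZGM9Y29t
ou: groups
objectClass: organizationalUnit

dn: dc=example,dc=com
objectClass: domain
"""

def parse_ldif(text):
    """Return [(dn, [(attr, raw_value), ...])] for LDIF content records."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo folding
    entries = []
    for block in re.split(r"\n\s*\n", unfolded):
        lines = [l for l in block.splitlines() if l and not l.startswith("#")]
        pairs = [tuple(l.split(":", 1)) for l in lines if ":" in l]
        if not pairs or pairs[0][0].lower() != "dn":
            continue  # e.g. the optional "version: 1" header
        raw = pairs[0][1]
        dn = (base64.b64decode(raw[1:].strip()).decode("utf-8")
              if raw.startswith(":") else raw.strip())
        entries.append((dn, pairs[1:]))
    return entries

def dn_key(dn):
    """Sort key placing parents before children (splits on unescaped commas)."""
    return [r.strip().lower() for r in reversed(re.split(r"(?<!\\),", dn))]

def canonical_ldif(text):
    """Re-emit entries parent-first, objectClass first, values sorted.
    DNs are written as plain text, so this assumes ASCII-safe DNs."""
    out = []
    for dn, pairs in sorted(parse_ldif(text), key=lambda e: dn_key(e[0])):
        pairs = sorted(pairs, key=lambda p: (p[0].lower() != "objectclass",
                                             p[0].lower(), p[1]))
        out.append("\n".join([f"dn: {dn}"] + [f"{a}:{v}" for a, v in pairs]))
    return "\n\n".join(out) + "\n"
```

Run `canonical_ldif()` over each export before comparing them. Change records (`changetype: modify` with `add: uniqueMember`) are a different LDIF record type and are outside what this sketch handles.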

Related

How to delete a Jelastic environment through the API?

I tried to delete one of my Jelastic environments by means of the following API call:
curl -k \
-H "${CONTENT_TYPE}" \
-A "${USER_AGENT}" \
-X POST \
-fsS ${HOSTER_URL}/1.0/environment/control/rest/deleteenv -d "password=${password}&session=${session}&envName=${envName}"
where I am sure that the session and envName are correct, as I have other commands running perfectly well with them. In particular, I get the session in the following way:
getSession() {
    local login=$1
    local password=$2
    local hosterUrl=$3
    echo "Signing in..." >&2
    local cmd=$(curl -k -H "${CONTENT_TYPE}" -A "${USER_AGENT}" -X POST \
        -fsS "$hosterUrl/1.0/users/authentication/rest/signin" -d "login=$login&password=$password");
    exitOnFail $cmd
    echo "Signed in" >&2
    echo $(jq '.session' <<< $cmd | sed 's/\"//g')
}
In the call to deleteenv, I provide the very same password as that of my Jelastic provider account. Indeed, when I want to delete an environment through Jelastic's dashboard, this is the password I need to provide to make the deletion happen. However, I get the following error:
{"result":801,"source":"hx-core","error":"invalid password"}
Because the password field is documented as optional in Jelastic's API documentation, I tried not to set the password. This yields the following error:
{"result":3,"source":"JEL","error":"invalid parameter [password] for method [DeleteEnv] in service [ControlService]"}
I tried to use other secrets as that password, like the APPID, without any success.
Does anyone have a clue what password I need to put there?
We used the same one-liner based on the API you used, your script to get a session, and the same Jelastic version, but were not able to reproduce this issue. Environments were successfully deleted.
"Does anyone have a clue what password I need to put there?"
This is the same password as you used to get the session or to enter the Dashboard. Make sure there are no additional symbols in your password variable.
"Because the password field is documented as optional"
Indeed, it's optional if you use a token instead of a session. In the case of a session, password is an obligatory parameter.

How do you add a pre-existing database to Postgres?

I am using Postgres in my production server that houses my Django application. I am trying to create a database in psql that already exists. I have the host name, username, password, port, all that good stuff, but after reading Postgres' documentation it seems that there is no way to add in a pre-existing database.
No, you cannot create a database if it's already created.
It seems like you have a dump (a .sql file) that you want to load in your production server.
By default pg_dump will not include the CREATE DATABASE statement into the .sql file so you should be able to load the .sql file just doing:
psql -h <DB_HOST> -U <DB_USER> -p <DB_PORT> -W <DB_NAME> < <PATH_TO_YOUR_SQL_FILE>
Example:
psql -h localhost -U db_user -p 5432 -W db_name < /tmp/my_dump.sql
That's it.
Let me know if you have any issues doing that.
Cheers

Cannot wildcard search "member" in openLDAP

I have an odd problem, where I cannot seem to use wildcard searches for the "member" or the "uniquemember" attributes for a group.
Consider the following:
cn=myusers,ou=groups,dc=example,dc=com
objectClass=groupOfNames
objectClass=top
This returns fine:
ldapsearch -h ldap-server -p 389 -D "cn=admin,dc=example,dc=com" -w Password -s sub -b "ou=groups,dc=example,dc=com" "(objectclass=groupOfNames)" member
cn=myusers,ou=groups,dc=example,dc=com
member=cn=user1234,ou=groups,dc=example,dc=com
And if I use this, it also works fine:
ldapsearch -h ldap-server -p 389 -D "cn=admin,dc=example,dc=com" -w Password -s sub -b "ou=groups,dc=example,dc=com" "(&(member=cn=user1234,ou=groups,dc=example,dc=com)(objectclass=groupOfNames))" member
But, suppose I want to find all the groups, with member names that start with "user". I try this:
ldapsearch -h ldap-server -p 389 -D "cn=admin,dc=example,dc=com" -w Password -s sub -b "ou=groups,dc=example,dc=com" "(&(member=cn=user*)(objectclass=groupOfNames))" member
But nothing returns!
Now I have tried adding indexes to the "member" and "uniquemember" attributes as:
member pres,eq,approx,sub
uniquemember pres,eq,approx,sub
... but get a returned error of 'additional info: approx index of attribute "member" disallowed', so I was left with:
member pres,eq
uniquemember pres,eq
Even after the change, I still cannot perform wildcard searches using "member" or "uniquemember" attributes. Any ideas?
This works as expected with the UnboundID Directory Server. Try updating the directory server software - there are some similar questions on the OpenLDAP forums where this problem was resolved by a fix to DN normalization.
Also, there is no such thing as a 'wildcard' search. The assertion value to which you refer results in what is called a 'substring' search. For increased performance, the server should index the member and uniqueMember attribute values for substring (sub), assuming the legacy OpenLDAP server supports indexing those attributes for substrings.

Export LDAP entries from 389 Directory Server?

Can someone tell me the best way to export entries (user information, their groups and roles, etc) from 389 Directory Server so it can be best imported into a different LDAP server? Do these files follow some standard format? Is there a general best practice to doing this?
Thanks!
It turns out this is very easy from the 389-console (the UI for 389 Directory server).
From the 'Tasks' tab on the UI for the directory server, click on the 'Export Databases' link.
This will export the LDAP schema as an LDIF (LDAP Data Interchange Format) file, which is a standardized format for LDAP information.
With the command line below you can export to LDIF format, that you can then import into another server:
db2ldif -s 'dc=example,dc=com' -a /tmp/ldifdump.ldif -m -E -q

Open ldap modify - /usr/bin/modify problem

Can anyone help me out on this? I'm trying to add another attribute on my LDAP, but I don't know much about this. It returns an error after trying the sample I searched on the net. This command will be used in my Perl program to add a new attribute "status" w/ value "yes".
Help pls?
/usr/bin/ldapmodify -x -D "cn=Test,ou=mygroup.com,o=group2.com" -a "status=yes"??
the -W doesn't work too.
Error: ldap_bind: Can't contact LDAP server (-1)
Try -v for a detailed log, and -w should be in lower case. As for excluding the password, one way is to use '-w -', with which you will be prompted to enter the password. Hope this helps.
Ensure that you have the status attribute defined in the schema (the attribute cannot be added to an entry unless the entry has an objectClass attribute value that allows the status attribute). Further, the authentication identity cn=Test,ou=mygroup.com,o=group2.com must have permission to add the attribute.
Use ldapmodify to add the status attribute:
ldapmodify -x -D "cn=Test,ou=mygroup.com,o=group2.com" -h hostname -p port <<!
version: 1
dn: uid=user.0,ou=people,dc=example,dc=com
changetype: modify
add: status
status: first value
status: second value
!
The above example adds two values to the status attribute (assuming it is a multi-valued attribute). For more information about the ldapmodify tool see "Using ldapmodify".