Embed

COMMAND_LINE_TOOLS_FOR_LDAPSEARCHES

Document Sample

Shared by: Aashish Sharma

Tags

Stats

views:: 325
posted:: 8/29/2009
language:: English
pages:: 3

Public Domain

Ldapsearches and OID checks for multiple use PURPOSE Useful ldapsearches and OID checks for multiple use: #1. Get password: ldapsearch -h -p -D cn=orcladmin -w -b "cn=IAS,cn=Products,cn=OracleContext" -s sub -v OrclresourceName=ORASSO| grep orclpasswordattribute #2. Dump ldap server configset: ldapsearch -h -p -D cn=orcladmin -w -b cn=configset0,cn=osdldapd,cn=subconfigsubentry -s base -v "objectclass=*" #3. Dump dip server configset: ldapsearch -h -p -D cn=orcladmin -w -b cn=instance1,cn=odisrv,cn=subregistrysubentry -s base -v "objectclass=*" #4. Dump dip server profile. If you want to get all the profiles in the directory: ldapsearch -h -p -D cn=orcladmin -w -b 'cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory' -s sub 'objectclass=*' Comment: This command will return the password in cleartext, only if you run with orcladmin credentials: (see Bug 3130561) ldapsearch -h -p -D cn=orcladmin -w -b "orclodipagentname=iplanetimport,cn=subscriber profile,cn=changelog subscriber,cn=oracle internet directory" -s sub "objectclass=*" #5. Dump schema: ldapsearch -h -p -D cn=orcladmin -w -b cn=subschemasubentry -s base -v "objectclass=*" #6. Basic entry search: ldapsearch -h -p -D cn=orcladmin -w -s sub -b "ou=people,o=oracle.com" "objectclass=*" uid #7. Get default subscriber ldapsearch -h -p -D cn=orcladmin -w -b "cn=common,cn=products,cn=oraclecontext" -L -s base "objectclass=*" orcldefaultsubscriber #8. Show OID Version ldapsearch -h -p -b "" -s base "objectclass=*" orcldirectoryversion

#9. Dump system operation attributes: ldapsearch -h -p -D cn=orcladmin -w -b "" -s base -v "objectclass=*" #10. To check if you have any orclaci: ldapsearch -p -h -D -w -b "" -s sub "orclaci=*" orclaci Note: you can also use -b "" #11. Dump indexed attributes (cn=catalogs): ldapsearch -h -p -D cn=orcladmin -w -b "cn=catalogs" -s base -v "objectclass=*" #12. Dump replication configset info: ldapsearch -h -p -D cn=orcladmin -w -b "cn=osdrepld,cn=subconfigsubentry" -s base "objectclass=*" Or dump both repl and ldap: ldapsearch -h -p -D cn=orcladmin -w -b cn=subregistrysubentry -s sub -v "objectclass=*" Dump replication agreement: ldapsearch -h -p -L -D cn=orcladmin -w -b "orclagreementid=000001, cn=orclreplagreements" -s base "objectclass=*" (If any fails, indicate to try also against ssl port # for -p value) #13. Dumping ACIs: ldapsearch -h -p -D cn=orcladmin -w -b "" s base objectclass=* orclaci #14. Dump Registry Entries: for the oidldapd configsets: ldapsearch -h -p -D cn=orcladmin -w -b cn=osdldapd,cn=subregistrysubentry -s sub -L objectclass=* for the odisrv configsets: ldapsearch -h -p -D cn=orcladmin -w -b cn=odisrv,cn=subregistrysubentry -s sub -L objectclass=* #15. Dump External Authentication Plugin: ldapsearch -h -p -D cn=orcladmin -w -b "cn=,cn=plugin,cn=subconfigsubentry" -s base objectclass=*

plugin names: adwhenbind adwhencompare ipwhenbind ipwhencompare #16. Dump DIP Provisioning Profile: ldapsearch -h -p -D "cn=orcladmin" -w -L -s sub -b "cn=provisioning profiles,cn=changelog subscriber,cn=oracle internet directory" "(objectclass=orclODIPIntegrationProfile)" "*"

IPlanet:

#1. Search iplanet entries: ldapsearch -h -p -D cn=orcladmin -w -s sub -b "ou=people,o=oracle.com" "objectclass=*" uid #2. Get last change number from iplanet: ldapsearch -h -p -D cn=orcladmin -w -base "" -s base "objectclass=*" lastchangenumber

OCS/UM searches:

#1. Get config of smtp_in values: ldapsearch -h -p -D cn=orcladmin -w -b "cn=:UM_SYSTEM:smtp_in,cn=mailProcessConfig,cn=eMailServer,cn=ocsmid,cn=,cn= Computers,cn=OracleContext" -s sub "objectclass=*" #2. Get ocs smtp entries: ldapsearch -h -p -D "cn=orcladmin" -w -s sub -b "cn=Computers,cn=OracleContext" -v "cn=*smtp*" #3. Get ocs imap entries: ldapsearch -h -p -D "cn=orcladmin" -w -s sub -b "cn=Computers,cn=OracleContext" -v "cn=*imap*"

SQL BASED SEARCHES # See if directory is TRUELY empty to prepare for bulkload: SQLPLUS ods/ods @select count(*) from ct_dn where entryid >= 2005; Both versions use script ldapdncnt.sql, but 2.1.1 simply checks if there are entries in ct_dn table with entryid >= 2005. Entryids lower than that belongs to the base schema.