LDIF Part

I usually get a task to review a LDIF file. I get a LDIF file and i have to "see" the data for whatever task I have to accomplish.

For example, I have to split a "sub tree" under a particular root suffix into a separate database for say replication reasons. I know that, I have to separate the entries of a branch, create a new database and import only those entries pertaining the branch.

Another example would be to just separate a particular branch for review purposes. Perhaps, I can run "ldapsearch" on the live server and obtain data. There are two issues that I usually come across, one is that I may not get access to the server in the first place, secondly, I may not get "all" the data. So, I generally request for a LDIF export of the root suffix so that I can work "offline" on the LDIF.

To address this most common challenge I wrote myself a tool called "ldifpart", written in perl. It would read the LDIF and provides with different levels in the hierarchy, then it can include/exclude to print only entries under a particular sub-tree. This will let me "split" the LDIF at any level of the tree.

$ ldifpart
This script reads a LDIF with entries and drills down the levels.
Prints the entries of a particular level if -l option is provided, else prints all the entries starting at Level 1.
Also available -b option to specify the base DN. Useful to print only a specific branch. To exclude a branch from printing, use -B option
Prints only dn of the entry if -d option is used
usage: ldifpart [-lbBd]
-b: Base DN to include
-B: Base DN to exclude
-d: Print dn lines only
-l: Level of the tree.

Let us look at an example. I wanted to just print the DNs of entries at different levels

$ ldifpart -d example_ldifpart.ldif
#Level: 1
dn: o=Corp
#Level: 2
dn: ou=Groups,o=Corp
dn: ou=People,o=Corp
#Level: 3
dn: cn=Lao Tzu,ou=People,o=Corp
dn: cn=Jon Ruiz,ou=People,o=Corp
dn: cn=Ben Dubin,ou=People,o=Corp
dn: cn=Don Knuth,ou=People,o=Corp
dn: cn=Niels Bohr,ou=People,o=Corp
dn: cn=Ted Geisel,ou=People,o=Corp
dn: cn=Uri Geller,ou=People,o=Corp
dn: cn=HR Managers,ou=groups,o=Corp
dn: cn=John Fowler,ou=People,o=Corp
dn: cn=QA Managers,ou=groups,o=Corp
dn: cn=Rod Serling,ou=People,o=Corp
dn: cn=Rosanna Lee,ou=People,o=Corp
dn: cn=Vinnie Ryan,ou=People,o=Corp
dn: cn=Ian Anderson,ou=People,o=Corp
dn: cn=Roger Waters,ou=People,o=Corp
dn: cn=Jonathan Wood,ou=People,o=Corp
dn: cn=Londo Mollari,ou=People,o=Corp
dn: cn=Maxine Erlund,ou=People,o=Corp
dn: cn=Samuel Clemens,ou=People,o=Corp
dn: cn=Scott Seligman,ou=People,o=Corp
dn: cn=Spuds Mackenzie,ou=People,o=Corp
dn: cn=Colleen Sullivan,ou=People,o=Corp
dn: cn=Accounting Managers,ou=groups,o=Corp
dn: cn=Engineering Managers,ou=groups,o=Corp
dn: cn=Directory Administrators,ou=Groups,o=Corp
#Level: 4
dn: cn=homedir,cn=Jon Ruiz,ou=people,o=Corp
dn: ou=Objects,cn=Rosanna Lee,ou=People,o=Corp
#Level: 5
dn: cn=Button,ou=Objects,cn=Rosanna Lee,ou=People,o=Corp
dn: cn=Choice,ou=Objects,cn=Rosanna Lee,ou=People,o=Corp
dn: cn=Integer,ou=Objects,cn=Rosanna Lee,ou=People,o=Corp
dn: cn=Hashtable,ou=objects,cn=Rosanna Lee,ou=People,o=Corp
dn: cn=CheckboxGroup,ou=Objects,cn=Rosanna Lee,ou=People,o=Corp

Now, suppose i want to branch out "ou=Groups" container to another database then i would need a LDIF that contains only entries under "ou=Groups" including.

$ ldifpart -b "ou=groups,o=corp" example_ldifpart.ldif
#Level: 1
dn: ou=Groups,o=Corp
ou: Groups
objectclass: top
objectclass: organizationalunit

#Level: 2
dn: cn=HR Managers,ou=groups,o=Corp
objectclass: top
objectclass: groupOfUniqueNames
cn: HR Managers
ou: groups
uniquemember: cn=Ted Geisel, ou=People, o=Corp
uniquemember: cn=Lao Tzu, ou=People, o=Corp
description: People who can manage HR entries

dn: cn=QA Managers,ou=groups,o=Corp
objectclass: top
objectclass: groupOfUniqueNames
cn: QA Managers
ou: groups
uniquemember: cn=Jonathan Wood, ou=People, o=Corp
description: People who can manage engineer entries

dn: cn=Accounting Managers,ou=groups,o=Corp
objectclass: top
objectclass: groupOfUniqueNames
cn: Accounting Managers
ou: groups
uniquemember: cn=Niels Bohr, ou=People, o=Corp
uniquemember: cn=Spuds Mackenzie, ou=People, o=Corp
description: People who can manage accounting entries

dn: cn=Engineering Managers,ou=groups,o=Corp
objectclass: top
objectclass: groupOfUniqueNames
cn: Engineering Managers
ou: groups
uniquemember: cn=John Fowler, ou=People, o=Corp
uniquemember: cn=Maxine Erlund, ou=People, o=Corp
description: People who can manage the unmanageable

dn: cn=Directory Administrators,ou=Groups,o=Corp
cn: Directory Administrators
objectclass: top
objectclass: groupofuniquenames
ou: Groups
uniquemember: cn=Rosanna Lee, ou=People, o=Corp
uniquemember: cn=Scott Seligman, ou=People, o=Corp
uniquemember: cn=Jon Ruiz, ou=People, o=Corp
uniquemember: cn=Vinnie Ryan, ou=People, o=Corp

Here is the script, and example LDIF.

Finally, the script normalizes the "DN" in the LDIF and unwraps the attributes that spawn across multiple lines. While this does not violate any LDIF standards some might perceive this as a "side effect". So, be warned. Enjoy.





Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Srikanth Konjarla

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today