Importing LDAP issue

By: Marlon Martínez user 27 Jan 2021 at 9:11 p.m. CST

5 Responses
Marlon Martínez gravatar
We are trying to import our LDAP user entries into a new Gluu installation by following the steps described in the LDIF Data Backup documentation. We are trying to move to Gluu CN edition, so we need to import all users, oxauth clients and oxauth config to our new Kubernetes installation. We have made some tests only to import all the users inside a Gluu server we created for testing. We have copy over the opendj config schema files from the Gluu source server to this Gluu testing server and we have executed the import-ldif command but all this tests have failed. We notice that everytime we execute the import command, the o=gluu dn is being removed from the LDAP tree and after that, our Gluu server is down, so we need to remove it and install it again in order to make another tests. The command we are executing is: /opt/opendj/bin/import-ldif -n userRoot --offline -b ou=people,o=gluu -l backup.ldif. The ldif file contains all the LDAP entries but we are only including the users by adding the ou=people,o=gluu. Also, we executed the list-backends command to verify if userRoot backend is pointing to o=gluu dn. We are using the JXplorer tool to inspect the LDAP tree and that's why we found that everytime we execute the import command, the o=gluu dn is being removed and the server crashes. Is there something we are forgetting? We upload an image of our actual behavior. [Image that shows the LDAP tree after execute the import command](https://drive.google.com/file/d/1IGNOscmzqGJenZQ5EYZ6XEhqgphXu1kA/view?usp=sharing) We appreciate your help and support!
Ubuntu 16.04
closed

Answers

By Mobarak Hosen Shakil staff 28 Jan 2021 at 1:33 p.m. CST

Copy
Mobarak Hosen Shakil gravatar
Hi Marlon Martínez! Thanks for reaching out at Gluu. Please, try this commnad: ``` /opt/opendj/bin/import-ldif -n userRoot --offline -l backup.ldif ``` Please, make sure that opendj is offline. Thanks and Regards Shakil

By Marlon Martínez user 28 Jan 2021 at 7:08 p.m. CST

Copy
Marlon Martínez gravatar
Thank you for your response. We already execute the command: /opt/opendj/bin/import-ldif -n userRoot --offline -l backup.ldif with opendj offile and the same issue with the LDAP happens. The o=gluu dn is being removed. The cmd show us the following error message: category=TOOLS severity=ERROR msgID=96 msg=An error occurred while attempting to process the LDIF import: The database environment could not be opened: org.forgerock.opendj.config.server.ConfigException: An error occurred while trying to decode the managed object configuration entry ds-cfg-attribute=sid,cn=Index,ds-cfg-backend-id=userRoot,cn=Backends,cn=config: The Backend Index could not be decoded due to the following reason: The value "sid" is not a valid value for the "attribute" property, which must have the following syntax: OID. We don't understand what does this mean. I hope you can help us! Thank you again. Marlon

By Mobarak Hosen Shakil staff 29 Jan 2021 at 11:53 a.m. CST

Copy
Mobarak Hosen Shakil gravatar
No Idea, why this is happenning!! Can you please try this way: 1. Make sure that, opendj is running. 2. Please, export data again with this commnad - ``` /opt/opendj/bin/export-ldif --hostname "localhost" --port 4444 --bindDN "cn=Directory manager" --bindPassword "yourpassword" --backendID userRoot --ldifFile ./backup.ldif --trustAll ``` You will find this backup file in `/opt/opendj/` 3. and finally run this command to import data: ``` /opt/opendj/bin/import-ldif --hostname "localhost" --port 4444 --bindDN "cn=Directory manager" --bindPassword "yourpassword" --backendID userRoot --ldifFile ./backup.ldif --trustAll ``` Hope this will work. Thanks and Regards ~ Shakil

By Mobarak Hosen Shakil staff 08 Feb 2021 at 9:10 a.m. CST

Copy
Mobarak Hosen Shakil gravatar
> Closing this ticket due to inactivity. Please reopen if require. > Thanks and Regards ~ Shakil

By Marlon Martínez user 10 Feb 2021 at 9:05 a.m. CST

Copy
Marlon Martínez gravatar
Thank you and sorry for the inactivity, I forgot to answer the ticket. We tried the command you posted and the same thing happened. Now, we found a way to import our ldap using the importing tool from the Apache Directory Studio. Thank you Marlon

Post an answer