LDAP Database--odsee--suffix

The suffix of an LDAP database is the basis for establishing a replication protocol between LDAP, and the creation of suffix can be done either through the management interface or through the command line. The difference is that suffix created by the admin interface automatically creates an ACI for anonymous read permissions that should be suffix, but not through the command line.

Create the suffix command as follows:

/bin/dsconf create-suffix-h hostname-p port-w/usr/db/odsee/pwd DC=EXAMPLE,DC=CR

To create a sub-suffix:

/bin/dsconf create-suffix-h hostname-p port-w/usr/db/odsee/pwd O=ORG,DC=EXAMPLE,DC=CR

Set the DN of the sub suffix

/bin/dsconf set-suffix-prop-h hostname-p port-w/usr/db/odsee/pwd o=org,dc=example,dc=cr parent-suffix-dn:dc=example , DC=CR

Suffix data import

Suffix initialization can be seen as data import, through dsconf and Dsadm, the difference is to use the DSADM to stop the LDAP instance of the incident.

Initialize suffix with dsconf:

/bin/dsconf import-h hostname-p port-ik-w/usr/db/odsee/pwd [-X DN] ... Ldif_file [Ldif_file ...] Suffix_dn

Parameter description:

-K: Import input for incremental room

-I: whether to interact

-X: DN not included

Ldif_file:ldif initialization file path, can be multiple files

SUFFIX_DN: Initialize SUFFIX with DN

Initialize suffix with dsadm, same as command line arguments

/bin/dsadm Stop Instance_path

/bin/dsadm import-ik-w/usr/db/odsee/pwd instance_path/local/dsinst/ldif/ldif_file SUFFIX_DN

/bin/dsadm Start Instance_path

Suffix Data export

Suffix data data export can also be done through dsconf and Dsadm.

Export using dsconf (normal production environment, there will not be a case to stop the server instance for maintenance, so the general backup operation is used dsconf)

/bin/dsconf export-h hostname-p port-w/usr/db/odsee/pwd-f not-export-unique-id--no-repl SUFFIX_DN[SUFFIX_DN ...] Gz_ldif_file

Parameter description:

Gz_ldif_file: Export to LDIF file path

The other parameters are the same as above, this is the Export command I use for daily maintenance, if you want to know more about the Odsee online manual.

　　　

To export using Dsadm:

/BIN/DSADM export [-biq] [-s DN] ... [-X DN] ... [-F FLAG] ... [-y [-W Cert_pw_file]] Instance_path suffix_dn [suffix_dn ...] Gz_ldif_file

Parameter description:

-S: Includes those DN

-X: Does not include those DN

Instance_path: the instance path to export

SUFFIX_DN: Exported SUFFIX

Gz_ldif_file: Export to LDIF file path

Delete suffix

　　When a suffix is deleted, the replication protocol that should be suffix is also deleted.

　/bin/dsconf delete-repl-agmt-h host-p Port suffix_dn host:port [Host:port ...]

Configuring the Suffix Property

View suffix properties, suffix cache size

/bin/dsconf Help-properties-v | grep entry-cache-size

Setting the suffix cache size

/bin/dsconf set-suffix-prop-h host-p Port dc=example,dc=com entry-cache-size:12m

Get suffix Cache settings

/bin/dsconf get-suffix-prop-h host-p Port dc=example,dc=com entry-cache-size

　　

All the property values of the LDAP DB instance are set and viewed in roughly the same way, extrapolate.

LDAP Database--odsee--suffix