I suppose you have a LDAP tree with base DN
dc=foobar,dc=org ; and you want to migrate it to
dc=newfoo,dc=org.
The strategy is :
- on the old LDAP server, do
slapcat > ldap-dump (you get a dump of the whole LDAP tree)
- if needed, remove the manager entries and similar entries
- on the new LDAP server, create the manager entries (generally, it's automatically done ; that's why you remove them in the previous step)
- do something like
sed -i "s/dc=foobar,dc=org/dc=newfoo,dc=org/g" ldap-dump to edit the dump
- stop the new LDAP server
- import the dump with
slapadd < ldap-dump (run it in try mode with
-u first!)
But if some of your DN entries contain characters outside of the ASCII 7-bit range, this won't work. Those entries look like :
dn:: ...some Base64?-encoded gibberish, generally with trailing equal signs...=
(note the double semi-colon)
Just after running the
sed command, you can then run this little Python script to address this issue.
(Of course, don't forget to change the #"s.replace(...)# line with your DN!)
Just save this script as
stringmunge.py for instance, then run
python stringmunge.py ldap-dump ldap-dump-fixed and it should work.
(At least, it did for me ;-))
#!/usr/bin/python
import sys, re, base64
def transform(s):
s = base64.decodestring(s)
s = s.replace("dc=foobar,dc=org","dc=newfoo,dc=org") # change this
s = base64.encodestring(s)
s = s.replace("\n","")
return s
regex = "dn:: (.*)\n"
inputfile = sys.argv[1]
outputfile = sys.argv[2]
data = open(inputfile).read()
matches = re.findall(regex, data)
for match in matches: data = data.replace(match,transform(match))
open(outputfile,"w").write(data)