Hi. We''re trying to populate our DS with users from AD. Our plan is to build and populate the database with entries from AD, and thereafter set up Windows Sync to maintain the database. I import the LDIF file using the ldif2db.pl perl script. One issue I''ve come across is that the script finishes with "modifcation complete" regardless of success or failure. How can I get the script to report errors? Or are there maybe smarter ways of importing LDIF files on the command line? Furthermore, are there any issues with AD LDIF import I should be aware of`? Regards, kenneho
Rich Megginson
2008-Jun-05 23:34 UTC
Re: [Fedora-directory-users] Importing LDIF file from AD
Kenneth Holter wrote:> Hi. > > > We''re trying to populate our DS with users from AD. Our plan is to > build and populate the database with entries from AD, and thereafter > set up Windows Sync to maintain the database. > > I import the LDIF file using the ldif2db.pl perl script. One issue > I''ve come across is that the script finishes with "modifcation > complete" regardless of success or failure. How can I get the script > to report errors?That script just starts the task running in the server. You can check the error log for status. Or query the entry (using ldapsearch) whose DN ldif2db.pl prints out.> Or are there maybe smarter ways of importing LDIF files on the command > line?You can use ldif2db but you can only use that if the server is not running.> > Furthermore, are there any issues with AD LDIF import I should be > aware of`?You mean, exporting an LDIF from AD and importing it directly into Fedora DS? Or vice versa? If you are going to use the Fedora DS AD Sync feature, you should let Fedora DS do the initial sync - do not attempt to manually export/import from AD to Fedora DS. I''m almost certain it will not work without heavy data massaging.> > > Regards, > kenneho > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
G Venkataraman
2008-Jun-05 23:36 UTC
Re: [Fedora-directory-users] Importing LDIF file from AD
On Thu, Jun 5, 2008 at 6:36 AM, Kenneth Holter <kenneho.ndu@gmail.com> wrote:> Hi. > > We''re trying to populate our DS with users from AD. Our plan is to build > and populate the database with entries from AD, and thereafter set up > Windows Sync to maintain the database. > > I import the LDIF file using the ldif2db.pl perl script. One issue I''ve > come across is that the script finishes with "modifcation complete" > regardless of success or failure. How can I get the script to report errors? > Or are there maybe smarter ways of importing LDIF files on the command line? >The ldif2db.pl script creates a task entry that does the actual import of the LDIF file and generates the indexes. The "modification complete" message corresponds to the task entry that gets created by ldif2db.pl and not the actual import process. You should be able to see the status of the import (including any errors) in the LDAP server error log. Alternatively, if the server is shutdown, ldif2db can be used to perform a similar import.> Furthermore, are there any issues with AD LDIF import I should be aware > of`? > > Regards, > kenneho > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users-=Venkat=-
Kenneth Holter
2008-Jun-06 14:13 UTC
Re: [Fedora-directory-users] Importing LDIF file from AD
Thanks, I''ll check the error log or ldapsearch for status. Regarding syncing with AD: I see now that I wasn''t very clear on this. What I meant was exporting from AD and importing into DS. Our plan is to try and set up an unidirectional sync from AD to DS. In other words, AD should update DS, but never the other way around. If this is possible to do with Windows Sync we''ll go for that approach, otherwise we''re gonna have to find some other way to do it (script it somehow). Regards, kenneho On 6/6/08, Rich Megginson <rmeggins@redhat.com> wrote:> > Kenneth Holter wrote: > >> Hi. >> We''re trying to populate our DS with users from AD. Our plan is to build >> and populate the database with entries from AD, and thereafter set up >> Windows Sync to maintain the database. >> I import the LDIF file using the ldif2db.pl perl script. One issue I''ve >> come across is that the script finishes with "modifcation complete" >> regardless of success or failure. How can I get the script to report errors? >> > That script just starts the task running in the server. You can check the > error log for status. Or query the entry (using ldapsearch) whose DN > ldif2db.pl prints out. > >> Or are there maybe smarter ways of importing LDIF files on the command >> line? >> > You can use ldif2db but you can only use that if the server is not running. > >> Furthermore, are there any issues with AD LDIF import I should be aware >> of`? >> > You mean, exporting an LDIF from AD and importing it directly into Fedora > DS? Or vice versa? If you are going to use the Fedora DS AD Sync feature, > you should let Fedora DS do the initial sync - do not attempt to manually > export/import from AD to Fedora DS. I''m almost certain it will not work > without heavy data massaging. > >> Regards, >> kenneho >> ------------------------------------------------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > >