Introduction

The LDAP Loader utility creates and (optionally) loads deployment-specific LDAP Data Interchange Format (LDIF) files.

The user is required to specify the target deployment domain at runtime, as explained below.

Command Line

The utility is invoked on the command line:

$ ./ldaploader.sh --help
Usage:
ldaploader
[--help --bdn <dn> --bps <password> -d <name> -i <path> -l|+l --dn <dn> --ol <path>]
 
--help                                 Print help information.
 
--bdn (--binddn) dn                    Distinguished name to use when binding to a LDAP service.
 
--bps (--bindpass) password            Password to use when binding to a LDAP service.
 
-d (--domain) name                     Domain name to load LDAP data for.
 
-i (--in) path                         Path to the input directory or archive file from which to read certificates/keys.
 
-l (-load)                             Whether to load LDAP entries.
 
--dn (--loaddn) dn                     Distinguished name to load the LDAP entries into.
 
--ol (--outldifs) path                 Path to the output directory into which to write parsed LDIF files.

Required Options

  -d (--domain) name                     Domain name to load data for.

 

Optional Options

  --bdn (--binddn) dn                    Distinguished name to use when binding to an LDAP service.
  • The default value of the --bdn (--binddn) option is: uid=admin,ou=system
  --bps (--bindpass) password            Password to use when binding to an LDAP service.
  • The default value of the --bps (--bindpass) option is: secret
  -i (--in) path                         Path to the input directory or archive file from which to read certificates/keys.
  • The default value of the -i (--in) option is: <script path>/../out/datagen/<domain>-data.zip
  -l (--load)                            Whether to load LDAP entries.
  • The default value of the -l (--load) option is: true
  --dn (--loaddn) dn                     Distinguished name to load the LDAP entries into.
  • The default value of the --dn (--loaddn) option is: ou=system
  --ol (--outldifs) path                 Path to the output directory into which to write parsed LDIF files.
  • The default value of the --ol (--outldifs) option is: <script path>/../out/ldaploader/ldif

Example

$ ./ldaploader.sh -d localhost
Wrote 10 LDIF entries to file: out/ldaploader/ldif/default.ldif
Loaded 9 LDIF (path=utils/ldaploader/ldif/default.ldif) entries into LDAP service (ldap://ldap.localhost:10389/).
Wrote 4 LDIF entries to file: out/ldaploader/ldif/domain2ldap1.ldif
Loaded 4 LDIF (path=utils/ldaploader/ldif/domain2ldap1.ldif) entries into LDAP service (ldap://ldap.localhost:11389/).

Deployment

  • Note: The LDAP Loader utility always performs the minimum number of changes (if loading is enabled).
    • The LDIF files are generated by performing a diff between a set of complete/template files and the existing entries in the target LDAP service(s).
    • If an entry with a matching Distinguished Name (DN) already exists, it is modified.
    • If an entry attribute already exists, its value is overwritten, unless the existing and loading values are byte-for-byte equivalent. In that case, the attribute is excluded from the resulting LDIF file(s) altogether.
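
The diff rules above, as an added Python sketch that is not the utility's own code: it compares template entries with entries read from the target service and emits only the LDIF change records that are needed. The names `ldif_line` and `diff_to_ldif`, the sample entries, exact-string DN matching, ignoring value order, leaving attributes absent from the template untouched, and omitting entries with nothing to change are all assumptions.

```python
import base64

def ldif_line(attr, value):
    """One attribute line; base64 ("::") when value is not an RFC 2849 SAFE-STRING."""
    safe = (all(b < 128 and b not in (0, 10, 13) for b in value)
            and value[:1] not in (b" ", b":", b"<") and not value.endswith(b" "))
    if safe:
        return f"{attr}: {value.decode('ascii')}"
    return f"{attr}:: {base64.b64encode(value).decode('ascii')}"

def diff_to_ldif(template, existing):
    """Both arguments map DN -> {attribute: [bytes, ...]}; returns LDIF change records."""
    records = []
    for dn, attrs in template.items():
        head = ldif_line("dn", dn.encode("utf-8"))
        current = existing.get(dn)  # assumption: DNs are compared as exact strings
        if current is None:
            # No entry with this DN in the service: add it whole.
            body = [ldif_line(a, v) for a, vals in attrs.items() for v in vals]
            records.append("\n".join([head, "changetype: add", *body]))
            continue
        mods = []
        for attr, vals in attrs.items():
            # Byte-equal values (order ignored, an assumption) are left out entirely.
            if sorted(current.get(attr, [])) == sorted(vals):
                continue
            mods += [f"replace: {attr}", *(ldif_line(attr, v) for v in vals), "-"]
        if mods:  # assumption: an entry with nothing to change yields no record
            records.append("\n".join([head, "changetype: modify", *mods]))
    return ("version: 1\n\n" + "\n\n".join(records) + "\n") if records else ""

# Constructed sample data, not taken from the page.
OLD_CERT, NEW_CERT = b"\x30\x82\x01\x09", b"\x30\x82\x01\x0a"
TEMPLATE = {
    "ou=certs,ou=system": {"objectClass": [b"top", b"organizationalUnit"], "ou": [b"certs"]},
    "cn=ca,ou=certs,ou=system": {"objectClass": [b"top", b"device", b"pkiCA"],
                                 "cn": [b"ca"], "cACertificate;binary": [NEW_CERT]},
    "cn=new,ou=certs,ou=system": {"objectClass": [b"top", b"device"], "cn": [b"new"]},
}
EXISTING = {
    "ou=certs,ou=system": {"objectClass": [b"organizationalUnit", b"top"], "ou": [b"certs"],
                           "description": [b"kept: not in template"]},
    "cn=ca,ou=certs,ou=system": {"objectClass": [b"top", b"device", b"pkiCA"],
                                 "cn": [b"ca"], "cACertificate;binary": [OLD_CERT]},
}

if __name__ == "__main__":
    print(diff_to_ldif(TEMPLATE, EXISTING), end="")
```

Reviewing the generated records before loading shows exactly which attributes will be overwritten in the target service.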