{"id":339,"date":"2011-07-14T14:06:41","date_gmt":"2011-07-14T14:06:41","guid":{"rendered":""},"modified":"2015-08-17T18:05:57","modified_gmt":"2015-08-17T16:05:57","slug":"migracja-danych-openldap-opendj","status":"publish","type":"post","link":"https:\/\/drfugazi.eu.org\/en\/migracja-danych-openldap-opendj\/","title":{"rendered":"Migracja danych z OpenLDAP do OpenDJ"},"content":{"rendered":"

Sorry, this entry is only available in Polish<\/a>. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.<\/p>

Je\u015bli posiadacie ju\u017c jakie\u015b dane w katalogu opartym na OpenLDAP i istnieje potrzeba migracji tych\u017ce do OpenDJ, to mo\u017cna to zrobi\u0107 na kilka sposob\u00f3w. Najszybszym jest przeniesienie ich mi\u0119dzy backendami. Po drodze nale\u017cy jednak wyci\u0105\u0107 kilka atrybut\u00f3w wewn\u0119trznych OpenLDAPa, kt\u00f3rych OpenDJ mo\u017ce nie przyj\u0105\u0107. Najpierw zr\u00f3bmy zrzut i policzmy ilo\u015b\u0107 wpis\u00f3w (entry):<\/p>\n

# slapcat > openldap.ldif\r\n# grep -c \"^dn: \" openldap.ldif\r\n41667\r\n<\/code><\/pre>\n
Zrzut ponad 41 tys. rekord\u00f3w zajmuje ok. 5 sekund, w tym czasie katalog normalnie dzia\u0142a i obs\u0142uguje zapytania. Wa\u017cne jednak, aby nie by\u0142y dokonywane w nim zmiany ju\u017c po zrzucie, bo nie b\u0119dzie ich odwzorowania w pliku. Czas na utworzenie pliku LDIF zjedliwego przez OpenDJ:<\/p>\n
# egrep -v \"(structuralObjectClass|entryUUID|creatorsName|createTimestamp|\\ entryCSN|modifiersName|modifyTimestamp)\" openldap.ldif > opendj.ldif\r\n# grep -c \"^dn: \" opendj.ldif\r\n41667\r\n<\/code><\/pre>\n
Ilo\u015b\u0107 entry si\u0119 zgadza, kopiuj\u0119 plik do kontenera z OpenDJ i przyst\u0119puj\u0119 do importu:<\/p>\n
# cd \/data\/var\/OpenDJ-2.4.3\/bin\r\n# .\/stop-ds\r\n# .\/import-ldif -a -b dc=domain,dc=tld -l ..\/..\/opendj.ldif\r\n<\/code><\/pre>\n
Podczas importu b\u0119d\u0105 wy\u015bwietlane podobne komunikaty:<\/p>\n
...\r\n[14\/Jul\/2011:13:54:56 +0200] category=JEB severity=NOTICE msgID=8847533 msg=OpenDJ 2.4.3 starting import (build 20110613203412Z, R6998)\r\n[14\/Jul\/2011:13:54:56 +0200] category=JEB severity=NOTICE msgID=8847449 msg=Import Thread Count: 16 threads\r\n[14\/Jul\/2011:13:55:07 +0200] category=JEB severity=NOTICE msgID=8847456 msg=Processed 4027 entries, skipped 0, rejected 0, and migrated 0 (recent rate 401.6\/sec)\r\n[14\/Jul\/2011:13:55:07 +0200] category=JEB severity=NOTICE msgID=8847457 msg=Free memory = 165 MB, Cache miss rate = -0.0\/entry\r\n[14\/Jul\/2011:13:55:17 +0200] category=JEB severity=NOTICE msgID=8847456 msg=Processed 8285 entries, skipped 0, rejected 0, and migrated 0 (recent rate 425.8\/sec)\r\n[14\/Jul\/2011:13:55:17 +0200] category=JEB severity=NOTICE msgID=8847457 msg=Free memory = 239 MB, Cache miss rate = 0.0\/entry\r\n[14\/Jul\/2011:13:55:27 +0200] category=JEB severity=NOTICE msgID=8847456 msg=Processed 22912 entries, skipped 0, rejected 0, and migrated 0 (recent rate 1462.7\/sec)\r\n[14\/Jul\/2011:13:55:27 +0200] category=JEB severity=NOTICE msgID=8847457 msg=Free memory = 148 MB, Cache miss rate = 0.0\/entry\r\n[14\/Jul\/2011:13:55:37 +0200] category=JEB severity=NOTICE msgID=8847456 msg=Processed 40627 entries, skipped 0, rejected 0, and migrated 0 (recent rate 1771.7\/sec)\r\n...\r\n[14\/Jul\/2011:13:56:01 +0200] category=JEB severity=NOTICE msgID=8847514 msg=Index dn.dn 95% complete: remaining = 106 kb, rate = 11 kb\/s; batch 1\/1\r\n[14\/Jul\/2011:13:56:01 +0200] category=JEB severity=NOTICE msgID=8847514 msg=Index mail.substring 84% complete: remaining = 875 kb, rate = 63 kb\/s; batch 1\/1\r\n...\r\n[14\/Jul\/2011:13:56:05 +0200] category=JEB severity=NOTICE msgID=8847539 msg=Index sn.equality phase two processing completed\r\n[14\/Jul\/2011:13:56:05 +0200] category=JEB severity=NOTICE msgID=8847539 msg=Index mail.substring phase two processing completed\r\n...\r\n[14\/Jul\/2011:13:56:07 +0200] category=JEB severity=NOTICE msgID=8847569 msg=Total import time was 70 seconds. Phase one processing completed in 45 seconds, phase two processing completed in 25 seconds\r\n[14\/Jul\/2011:13:56:07 +0200] category=JEB severity=NOTICE msgID=8847454 msg=Processed 41667 entries, imported 41667, skipped 0, rejected 0 and migrated 0 in 70 seconds (average rate 594.0\/sec)\r\n[14\/Jul\/2011:13:56:14 +0200] category=JEB severity=NOTICE msgID=8847536 msg=Import LDIF environment close took 7 seconds\r\n<\/code><\/pre>\n
Pisa\u0142em wcze\u015bniej o konieczno\u015bci przebudowy indeks\u00f3w przy imporcie przez backend, ale widz\u0119, \u017ce przebudowywane s\u0105 podczas importu. Na wszelki wypadek sprawdz\u0119 jednak sp\u00f3jno\u015b\u0107:<\/p>\n
# .\/verify-index -b dc=domain,dc=tld\r\n\r\n[14\/Jul\/2011:14:28:53 +0200] category=BACKEND severity=INFORMATION msgID=9437595 msg=Local DB backend userRoot does not specify the number of lock tables: defaulting to 97\r\n[14\/Jul\/2011:14:28:53 +0200] category=BACKEND severity=INFORMATION msgID=9437594 msg=Local DB backend userRoot does not specify the number of cleaner threads: defaulting to 24 threads\r\n[14\/Jul\/2011:14:29:06 +0200] category=JEB severity=NOTICE msgID=8847469 msg=Processed 178 out of 41670 records and found 0 error(s) (recent rate 17.7\/sec)\r\n[14\/Jul\/2011:14:29:06 +0200] category=JEB severity=INFORMATION msgID=8388718 msg=Free memory = 63 MB, Cache miss rate = 89.0\/record\r\n[14\/Jul\/2011:14:29:16 +0200] category=JEB severity=NOTICE msgID=8847469 msg=Processed 594 out of 41670 records and found 0 error(s) (recent rate 41.6\/sec)\r\n...\r\n[14\/Jul\/2011:14:34:32 +0200] category=JEB severity=NOTICE msgID=8847466 msg=Checked 41670 entries and found 0 error(s) in 336 seconds (average rate 123.8\/sec)\r\n<\/code><\/pre>\n
Przy okazji wida\u0107, \u017ce jest 41670 entry, czyli wszystkie zaimportowane + 3, kt\u00f3re by\u0142y ju\u017c wcze\u015bniej. Uruchamiam serwer OpenDJ:<\/p>\n
# .\/start-ds\r\n<\/code><\/pre>\n
Po uruchomieniu pod\u0142\u0105czam si\u0119 z Eclipse do katalogu i przegl\u0105dam sobie \u015bwie\u017co zaimportowane dane.<\/p>","protected":false},"excerpt":{"rendered":"
Sorry, this entry is only available in Polish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.Je\u015bli posiadacie...<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_newsletter_tier_id":0,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[115],"tags":[6,120,44],"jetpack_publicize_connections":[],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7M9Tz-5t","jetpack-related-posts":[{"id":299,"url":"https:\/\/drfugazi.eu.org\/en\/ldap-meta-directory\/","url_meta":{"origin":339,"position":0},"title":"LDAP meta directory","author":"drfugazi","date":"Thursday August  4th, 2011","format":false,"excerpt":"Sometimes you need to combine two or more LDAP directories with same suffixes to one directory or you just need to have a proxy. My first attempts to combine two OpenLDAP directories was to make replication from two different sources. This solution however has some disadvantages. First of all: to\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":285,"url":"https:\/\/drfugazi.eu.org\/en\/konfiguracja\/","url_meta":{"origin":339,"position":1},"title":"Konfiguracja OpenDJ","author":"drfugazi","date":"Monday July 11th, 2011","format":false,"excerpt":"Po rozpakowaniu i instalacji OpenDJ jest wst\u0119pnie skonfigurowany. W moim przypadku posiada te\u017c wpis bazowy (base entry), tutaj niech to b\u0119dzie dc=domain,dc=tld. Je\u015bli kto\u015b dopiero buduje drzewo LDAP, to pewnie teraz doda sobie standardowe ou=People i tam b\u0119dzie umieszcza\u0142 u\u017cytkownik\u00f3w za pomoc\u0105 narz\u0119dzi do zarz\u0105dzania katalogiem LDAP. Zwykle jednak jest\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":337,"url":"https:\/\/drfugazi.eu.org\/en\/dodawanie-schematow-opendj\/","url_meta":{"origin":339,"position":2},"title":"Dodawanie schemat\u00f3w do OpenDJ","author":"drfugazi","date":"Tuesday July 12th, 2011","format":false,"excerpt":"Sorry, this entry is only available in Polish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.OpenDJ podobnie jak inne us\u0142ugi katalogowe pozwala na rozszerzanie funkcjonalno\u015bci katalogu poprzez dodawanie schemat\u00f3w. Istnieje szereg gotowych schemat\u00f3w,\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":373,"url":"https:\/\/drfugazi.eu.org\/en\/budowa-systemu-pocztowego\/","url_meta":{"origin":339,"position":3},"title":"Building mail system","author":"drfugazi","date":"Monday August 13th, 2012","format":false,"excerpt":"This description is based on my experience, which I gained during mail system implementation on University of Silesia (Katowice\/Poland). In the first stage there was about 3 000 of users, now the system is handling about 40 k of mail users. Whole system (exluding Sophos AV) is based on Open\u2026","rel":"","context":"In "Mail system"","block_context":{"text":"Mail system","link":"https:\/\/drfugazi.eu.org\/en\/category\/mail-system\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":340,"url":"https:\/\/drfugazi.eu.org\/en\/konfiguracja-replikacji-multi-master-opendj\/","url_meta":{"origin":339,"position":4},"title":"(Polski) Konfiguracja replikacji Multi-Master w OpenDJ","author":"drfugazi","date":"Friday July 22nd, 2011","format":false,"excerpt":"Sorry, this entry is only available in Polish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.G\u0142\u00f3wnym powodem mojej migracji us\u0142ug katalogowych z OpenLDAP do OpenDJ jest w\u0142asnie mechanizm replikacji, a raczej jego niezbyt\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":283,"url":"https:\/\/drfugazi.eu.org\/en\/opendj\/","url_meta":{"origin":339,"position":5},"title":"OpenDJ","author":"drfugazi","date":"Monday July 11th, 2011","format":false,"excerpt":"OpenDJ jest nowy serwerem us\u0142ug katalogowych zgodnym z LDAPv3, rozwijanym na platformie Java, dostarczaj\u0105cym wysoko wydajnego, niezawodnego i bezpiecznego magazynu to\u017csamo\u015bci. \u0141atwy proces instalacyjny w po\u0142\u0105czeniu z si\u0142\u0105 platformy Java powoduje, \u017ce OpenDJ jest jednym z najprostszych do zarz\u0105dzania i najszybszych do uruchomienia serwerem us\u0142ug katalogowych. OpenDJ jest rozszerzeniem projektu\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/339"}],"collection":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/comments?post=339"}],"version-history":[{"count":0,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/339\/revisions"}],"wp:attachment":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/media?parent=339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/categories?post=339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/tags?post=339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}