Saturday, June 23, 2012

HOW TO DELETE AND LOAD OID (Oracle Internet Directory) DATA

Before starting, make sure ORACLE_HOME, ORACLE_SID and PATH are all set.

         For example (MINDTELLIGENTAPP1):

ORACLE_HOME=/oracle/oraHome_infra_101200
ORACLE_SID=infra
PATH=/oracle/oraHome_infra_101200/bin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/oracle/bin

1.         Get 'orcldefaultSubscriber' from the production server, to be used later (optional)

ldapsearch -h mtilawsapp1 -p 399 -D cn=orcladmin -w infra1prod -b "cn=common, cn=products, cn=oracleContext" -s base "objectclass=*" orcldefaultSubscriber

cn=Common,cn=Products,cn=OracleContext
orcldefaultsubscriber=dc=mti,dc=org

2.         Run the following 3 commands to check whether existing data is present (optional)

$ORACLE_HOME/bin/ldapsearch -h mindtelligentapp1.mti.org -p 3060 -b "cn=users, dc=mindtelligentapp1,dc=com" -s base "objectclass=*"

$ORACLE_HOME/bin/ldapsearch -h mindtelligentapp1 -p 3060 -b "cn=groups, dc=mindtelligentapp1,dc=com"  -s base "objectclass=*"

$ORACLE_HOME/bin/ldapsearch -h mindtelligentapp1 -p 3060 -b "cn=groups, cn=OracleContext,dc=mindtelligentapp1,dc=com" -s base "objectclass=*"

3.         Stop the OID daemon before running bulkdelete

$ORACLE_HOME/opmn/bin/opmnctl stopproc ias-component=OID

4.         Run bulkdelete to remove existing data in OID

$ORACLE_HOME/ldap/bin/bulkdelete.sh -connect infra -base "cn=users, dc=mti,dc=org"

$ORACLE_HOME/ldap/bin/bulkdelete.sh -connect infra -base "cn=groups, dc=mti,dc=org"

$ORACLE_HOME/ldap/bin/bulkdelete.sh -connect infra -base "cn=groups, cn=OracleContext, dc=mti,dc=org"

5.         Repeat the following command to remove any duplicate user records:

$ORACLE_HOME/ldap/bin/bulkdelete.sh -connect infra -base "dc=org"


6.         To run the bulkload utility, set the directory server mode to read/modify:

·         Start the OID daemon to check if the data has been removed:

$ORACLE_HOME/opmn/bin/opmnctl startproc ias-component=OID

From Oracle Directory Manager, navigate to the server entry (the main node under the Oracle Internet Directory Servers), and change the Server Mode attribute from Read/Write to Read/Modify from the drop-down list.

If you prefer to use the LDAP command line utilities, use the ldapmodify command:

$ORACLE_HOME/bin/ldapmodify -h mindtelligentapp1.mti.org -p 3060 -D cn=orcladmin -w welcome1 -v -f rm.ldif

where rm.ldif is a file you create, with the following contents:

dn:
changetype: modify
replace: orclservermode
orclservermode: rm

8.         Load users into the test Oracle Internet Directory by using the bulkload utility to load the LDIF file generated from the production system.  When invoking the bulkload utility, be sure to specify the absolute path of the LDIF file, even if it is in the current directory.

$ORACLE_HOME/ldap/bin/bulkload.sh -connect infra -check -generate -restore -load -append /tmp/oidexp012709.ldif


The response looks similar to the following output:

Verifying node "orcl"
-----------------------------
This tool can only be executed if you know database user password
for OiD on orcl
Enter OiD password ::

9.         Provide the password for the schema used by Oracle Internet Directory. This defaults to the password assigned for the ias_admin administrator during installation.

This command loads all the users, provided there is no error reported in the check mode on the exported LDIF file.
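A pre-flight check that can be run on the export before step 8, as an added example (not part of the original post): it rejects a relative path and any entry whose DN falls outside the realm being loaded. The name check_ldif is hypothetical, and the check goes slightly beyond the text by also handling folded and base64-encoded DNs.

```shell
#!/bin/sh
# Added example: pre-flight check for an LDIF export before bulkload.
# check_ldif FILE SUFFIX -> prints a one-line verdict, returns 0 only if safe to load.
check_ldif() {
    ldif=$1
    suffix=$2
    case $ldif in
        /*) ;;
        *) echo "REJECT: LDIF path is not absolute"; return 1 ;;
    esac
    [ -r "$ldif" ] || { echo "REJECT: cannot read $ldif"; return 1; }
    LDIF_SUFFIX=$suffix awk '
        # Lower-case and drop optional spaces around "," and "=" so DNs compare equal.
        function norm(s) {
            s = tolower(s); gsub(/[ \t]*,[ \t]*/, ",", s); gsub(/[ \t]*=[ \t]*/, "=", s)
            return s
        }
        # Close the entry being read and test its DN against the suffix.
        function endentry(   d) {
            if (dn == "") return
            total++
            d = norm(dn)
            if (d != want && substr(d, length(d) - length(want)) != ("," want)) {
                bad++
                if (first == "") first = dn
            }
            dn = ""
        }
        BEGIN { want = norm(ENVIRON["LDIF_SUFFIX"]) }
        { sub(/\r$/, "") }                                    # tolerate CRLF exports
        /^[Dd][Nn]::/ { endentry(); opaque++; folded = 0; next }  # base64 DN: not checkable here
        /^[Dd][Nn]:/  { endentry(); dn = $0; sub(/^[Dd][Nn]:[ \t]*/, "", dn); folded = 1; next }
        /^ / && folded { dn = dn substr($0, 2); next }        # RFC 2849 line folding
        { folded = 0 }
        END {
            endentry()
            if (total + opaque == 0) { print "REJECT: no entries found"; exit 1 }
            if (opaque) { print "REJECT: " opaque " base64-encoded DN(s) need manual review"; exit 1 }
            if (bad) { print "REJECT: " bad " of " total " entries outside " ENVIRON["LDIF_SUFFIX"] ", first: " first; exit 1 }
            print "OK: " total " entries, all under " ENVIRON["LDIF_SUFFIX"]
        }
    ' "$ldif"
}
```

For the load in step 8 it would be called as `check_ldif /tmp/oidexp012709.ldif "dc=mti,dc=org"`.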

10.       Start the directory server with the following command:

$ORACLE_HOME/opmn/bin/opmnctl startproc ias-component=OID

11.       Change the orcldefaultsubscriber and orclsubscribersearchbase (Note: this is a one-time change. We only need to do it the first time we install a new OID):

This change allows us to point to the correct realm for searching.

a)         Back up the current information

$ORACLE_HOME/bin/ldapsearch -p 3060 -D cn=orcladmin -w welcome1 -L -s base -b "cn=Common,cn=Products,cn=OracleContext" "objectclass=*" > /tmp/backup_common_DEV_22Sep09.txt

b)         Create an LDIF file called modify_common_dev.ldif with the following:

dn: cn=Common,cn=Products,cn=OracleContext
changetype: modify
replace: orcldefaultsubscriber
orcldefaultsubscriber: dc=mti,dc=org

dn: cn=Common,cn=Products,cn=OracleContext
changetype: modify
replace: orclsubscribersearchbase
orclsubscribersearchbase: dc=org

c)         Apply the changes

$ORACLE_HOME/bin/ldapmodify -p 3060 -D cn=orcladmin -w welcome1 -v -f /tmp/modify_common_dev.ldif



d)         Verify:

$ORACLE_HOME/bin/ldapsearch -h mindtelligentapp1 -p 3060 -D cn=orcladmin -w welcome1 -b "cn=common, cn=products, cn=oracleContext" -s base "objectclass=*" orcldefaultSubscriber


$ORACLE_HOME/bin/ldapsearch -L -h mindtelligentapp1 -p 3060 -D cn=orcladmin -w welcome1 -b "cn=common, cn=products, cn=OracleContext, dc=mti,dc=org" -s base "objectclass=*" orclCommonUserSearchBase orclCommonGroupSearchBase orclCommonNicknameattribute
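One way to confirm that step (c) changed only the two intended attributes, as an added example (not part of the original post): re-run the step (a) ldapsearch into a second file and compare it with the backup. The function names and the second dump file are assumptions.

```shell
#!/bin/sh
# Added example: list the attributes whose values differ between two
# "ldapsearch -L" dumps of the same entry (step a backup vs. a re-run after step c).

# Unfold continuation lines, lower-case attribute names, sort the "name:value" lines.
normalize() {
    awk '
        { sub(/\r$/, "") }
        /^ /  { line = line substr($0, 2); next }     # folded value continues
        { if (line ~ /:/) print line; line = $0 }
        END   { if (line ~ /:/) print line }
    ' "$1" |
    awk '{ i = index($0, ":"); print tolower(substr($0, 1, i - 1)) substr($0, i) }' |
    sort
}

# changed_attrs BEFORE AFTER -> space-separated, sorted names of attributes that differ.
changed_attrs() {
    a=$(mktemp)
    b=$(mktemp)
    normalize "$1" > "$a"
    normalize "$2" > "$b"
    comm -3 "$a" "$b" | sed 's/^[[:space:]]*//' | cut -d: -f1 | sort -u | tr '\n' ' ' | sed 's/ $//'
    rm -f "$a" "$b"
}

# only_expected BEFORE AFTER -> succeeds only if exactly the two step-11 attributes changed.
only_expected() {
    [ "$(changed_attrs "$1" "$2")" = "orcldefaultsubscriber orclsubscribersearchbase" ]
}
```

With the backup from step (a) as BEFORE, `only_expected` failing means some other attribute of cn=Common changed as well and the backup should be consulted.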
