Keeping a list of OUD backends for exporting
When you plan to move data between Oracle Unified Directories (OUD) instances, there are several essential details you should remember.
The first thing to consider is ensuring that you export data with operational attributes. Otherwise, after running import-ldif command, you will discover that your user accounts miss the necessary privileges to perform daily work. When you perform an export from ODSM (or OUDSM in version 12c) interface, you need to check a checkbox in the pop-up window.
The second thing is that you should be aware of all OUD backends that you have in your instance. OUD directories have several backends that you could find using list-backends command.
[oracle@myhost bin] ./list-backends
You might see the userRoot backend that you are planning to export, among other backends. But when you run the oud-setup command at the time of instance creation, it also creates OracleContext0 backend that might have a dn name of “cn=OracleContext,dc=yourcompany,dc=com”.
You have to export and then subsequently import content of this backend as well, to avoid “missing policy subentry error” when accessing your baseDN in ODSM.
When using Ansible playbook for importing ldif files into a new OUD instance, you can loop through a list of your ldif files (each for different backend) and have them loaded in tasks one by one. Non-matching backend data would be skipped.
- name: reload ldif as userRoot backend
shell:
cmd: |
cd “{{ instance_home }}/{{ instance_name }}/bin”
./import-ldif -a -r -h {{ inventory_hostname_short }} -p {{ instance_port }} \
-D “cn=Directory Manager” -j /tmp/{{ oud_password_file }} -X -b {{ instance_base }} \
-n userRoot -l {{ ldif_file }}
- name: reload ldif as OracleContext0 backend
shell:
cmd: |
cd “{{ instance_home }}/{{ instance_name }}/bin”
./import-ldif -a -r -h {{ inventory_hostname_short }} -p {{ instance_port }} \
-D “cn=Directory Manager” -j /tmp/{{ oud_password_file }} -X -b {{ instance_base }} \
-n OracleContext0 -l {{ ldif_file }}