Hello *,
what is a "good" way to enumerate all objects in an open ldap in order to get a total count of defined objects ? ( how many objects ..)
TIA Michael
PS: Sorry if i should know this by reading basic infos
Well, I don't know necessarily what the *best* way is, but I can tell you what the simplest way in. As root on whatever server the openLDAP database is on, run this command:
slapcat | grep "^dn: " | wc -l
That will dump the entire ldap database, grab every "dn: ..." line, which every object will have exactly one of, and run it through wc (the word-counter) and tell it to count the number of lines.
Regards,
Adrian
Michael Arndt wrote:
Hello *,
what is a "good" way to enumerate all objects in an open ldap in order to get a total count of defined objects ? ( how many objects ..)
TIA Michael
PS: Sorry if i should know this by reading basic infos
I don't think it's a good approach using the root account to run such a simple script.
Maybe it would be better to perform a search operation against the server. The code below might work for you:
ldapsearch -Hldaps://your.server.com -x -b dc=yourDITroot "objectclass=*" dn -D cn=yourRootDN,dc=yourDITroot -W | grep numEntries
Regards
On Fri, May 30, 2008 at 3:50 AM, Adrian Overbury adrian@inomial.com wrote:
Well, I don't know necessarily what the *best* way is, but I can tell you what the simplest way in. As root on whatever server the openLDAP database is on, run this command:
slapcat | grep "^dn: " | wc -l
That will dump the entire ldap database, grab every "dn: ..." line, which every object will have exactly one of, and run it through wc (the word-counter) and tell it to count the number of lines.
Regards,
Adrian
Michael Arndt wrote:
Hello *,
what is a "good" way to enumerate all objects in an open ldap in order to get a total count of defined objects ? ( how many objects ..)
TIA Michael
PS: Sorry if i should know this by reading basic infos
On Fri, May 30, 2008 at 3:50 AM, Adrian Overbury adrian@inomial.com wrote:
Well, I don't know necessarily what the *best* way is, but I can tell you what the simplest way in. As root on whatever server the openLDAP database is on, run this command:
slapcat | grep "^dn: " | wc -l
That should be "^dn:" to catch "dn:: base64-encoded DN" as well.
Though I agree with André it's best to not overuse root. But then, hopefully the server runs with the -u <user> option for the same reason and then the slapcat should be done as that user.
Michael Arndt wrote:
what is a "good" way to enumerate all objects in an open ldap in order to get a total count of defined objects ? ( how many objects ..)
There is no way via LDAP to count objects returned for a particular search without retrieving them. However you can limit the amount of data retrieved by limiting the list of attrs to be sent.
If you just want to know the overall raw number of all entries in an OpenLDAP server you could also simply use grep -c "^dn: " on the LDIF backup files you create with slapcat.
Ciao, Michael.
P.S.: I've interpreted "enumerate" as synonym for "count".
openldap-software@openldap.org
-
Adrian Overbury -
André Pereira -
Hallvard B Furuseth -
Michael Arndt -
Michael Ströder