Michael Wandel m.wandel@t-online.de schrieb am 07.02.2017 um 17:25 in
Nachricht ba56f41c-ca52-0f29-4b64-2f068b27bca8@t-online.de:
On 06.02.2017 09:36, Ulrich Windl wrote:
Michael Wandel m.wandel@t-online.de schrieb am 02.02.2017 um 17:32 in
Nachricht 84658c11-b467-f162-93cc-4e6cafc19ef9@t-online.de:
Hey,
I'm searching for a tool which is able to transform an accesslog Database to an ldif file, what can be used for ldapmodify.
I think it's possible, and I did something like that. Mostly to recover
from
my mistakes, and for documentation purposes. It's not trivial, however. My LDIF output for a change looks like this:
### 20170102084415.000003Z uid=user,ou=people,dc=domain,dc=org ## auditModify(modify)[83466,cn=Admin,dc=domain,dc=org] ## {0}{1.3.6.1.4.1.4203.666.5.12 criticality TRUE}: #< entryCSN: 20161220083510.859974Z#000000#001#000000 #< modifiersName: cn=Admin,dc=domain,dc=org #< modifyTimestamp: 20161220083510Z #= modifiersName: cn=Admin,dc=domain,dc=org
dn: uid=user,ou=people,dc=domain,dc=org changetype: modify replace: entryCSN entryCSN: 20170102084415.765596Z#000000#001#000000
replace: modifyTimestamp modifyTimestamp: 20170102084415Z
add: pwdFailureTime pwdFailureTime: 20170102084415Z
(Those "<" are previous values and "=" are unchanged values)
Note that the LDIF is forward (for re-applying) the changes. My program
also
has an option to produce a "backward LDIF" to create the corresponding "undo". Also note that not all attributes presented in my LDIF can be
changed
vie LDIF.
Nice to hear about, where can i find these tool, is there a download link
??
Sorry, it's an in-house development. But any talented programmer can write what you need within a few days. Quanah Gibson-Mount quanah@symas.com has published a simple version you could use also.
Regards, Ulrich
best regards
Michael
Or is there an alternative way to use the accesslog to rebuild an ldap database from a backup time to actual ?
Every hint is welcome
Regards, Ulrich
best regards
Michael
-- Michael Wandel Braakstraße 43 33647 Bielefeld