Importing LDAP Data

Use this procedure to import the LDAP data exported from the 9.0.1.x Environment into the LDAP for the 10.0.x Environment.

Importing LDAP Data

  1. Change directory to the $LAWDIR/temp901 directory in the 10.0.x system. This directory should contain the XML file from the 9.0.1.x LDAP.
  2. Edit the LDAP901.xml file created from the 9.0.1.x LDAP in order to remove any unnecessary people resources, roles, and services.
    1. Remove the non-XML text lines at the beginning of the file. The file should begin with the following line:

      <?xml version="1.0" encoding="UTF-8"?>

    2. Remove these standard users:
      • lawson

      • lsuser

      • lsadm

      • pfadmin

      • *_system

    3. Remove all ROLES elements and their corresponding sections.
    4. Remove all SERVICE elements and their corresponding sections.
  3. If necessary, modify the prefix used on the values for the objectclass attribute for any element. This prefix is the first two characters, such as "zz" of the values that contain the string "lwsnobj." To determine if you must change this prefix, examine the 10.0.x Environment's $LAWDIR/system/install.cfg file and note the value for the LDAPPREFIX parameter. If it is different than the one in the LDAP901.xml file, replace the 9.0.1.x value with the value from the 10.0.x install.cfg file. For example, you may need to change "zz" to "zx".
  4. Convert the XML file to an LDIF file. At the command line, type

    ldifgen xmltodataldif -D binddn -h host -p port -w passwd -f outputfile inputxmlfile [-vZ]

    where

    binddn is the bind DN of the LDAP administrator

    host is the host name for the LDAP

    port is the LDAP port

    passwd is the password of the LDAP administrator

    outputfile is the name of the ldif file to create

    inputxmlfile is the name of the xml file providing the input

    For example:

    ldifgen xmltodataldif -D cn=root -h host.domain.org -p 389 -w pass123 -f LDAP100x.ldif LDAP901.xml

  5. If your LDAP is on a remote server, copy the resulting LDIF file to the LDAP server.
  6. Load the LDIF file. At the command line of the server where your LDAP is located, type

    For IBM Directory Server

    ldapmodify -D AdministratorDN -h LDAPServerName -p LDAPPort -w AdministratorDNPassword -v -a -c -f LDAP100x.ldif > LDAP100x.log 2>&1

    where

    AdministratorDN is the DN of your LDAP administrator

    LDAPServerName is the machine name or IP address where the LDAP is installed

    LDAPPort is the listening port for the instance of the LDAP you are loading files to.

    AdministratorDNPassword is the password for the administrator

    For AD LDS

    ldifde -k -b AdamWindowsAdmin AdamWindowsDomain * -s LDAPServerName -t LDAPPort -i -f LDAP100x.ldif -v -j LogFileDirectory

    where

    AdamWindowsAdmin AdamWindowsDomain is the Windows user name and domain for the Adam administrator

    LDAPServerName is the machine name or IP address where the LDAP is installed

    LDAPPort is the listening port for the instance of the LDAP you are loading files to.

    LogFileDirectory is the directory where you want log files to be written.

  7. When finished, check the log file for errors.