Before you export LDIF data, be sure that you have enough space to export all the data.
To export data from the database to an LDIF file:
These operational attributes are created and modified by the server when a directory entry is created or modified; they are also modified any time the entry is modified. They contain information about the user who created or modified the entry and the time the entry was created or modified. These entries are stored as a base-64-encoded control in the LDIF file.
When the source server (the server you are exporting data from) and the destination server (the server into which you will be importing the data) are using non-matching directory key stash files, and you specify the encryption seed and salt values of the destination server, any AES-encrypted data will be decrypted using the source server's AES keys, then re-encrypted using the destination server's encryption seed and salt values. This encrypted data is stored in the LDIF file.
You can obtain the destination server's salt value by searching (using the ldapsearch utility) the server's 'cn=crypto,cn=localhost' entry. The attribute type is ibm-slapdCryptoSalt. For example:
ldapsearch -D adminDN -w adminPw -b "cn=crypto,cn=localhost" objectclass=* ibm-slapdCryptoSalt
A value similar to the following is returned:
ibm-slapdCryptoSalt=:SxaQ+.qdKor
The part of the string after the equal to sign (=) is the encryption salt. In this example, the encryption salt is :SxaQ+.qdKor.
[ Top of Page | Previous Page | Next Page ]