idsldif2db

Use the idsldif2db command to load entries from an LDIF file to a database.

Description

You can run the idsldif2db command to load entries that are specified in the LDAP Directory Interchange Format (LDIF) file into a DB2® database that is associated with a Directory Server instance. The database to which you want to load entries must exist. The idsldif2db command can be used to add entries to an empty directory database or to a database that already contains entries.

Note:

You must stop the Directory Server before you use the server import utilities.
Ensure that no applications are attached to the directory database. If there are applications that are using the database, the server utilities might fail.
The idsldif2db command recognizes the operational attributes creatorsname, modifiersname, modifytimestamp, and createtimestamp if they are in plain text format.

If the parameters provided to the command are incorrect, a syntax error message is shown after which the correct syntax is shown.

Attention: You must specify the encryption seed and salt of the destination server for the following conditions:

If you are importing data to an instance configured for Advanced Encryption Standard (AES) encryption from another instance.
If the target and the destination servers are not cryptographically synchronized.

For more information about cryptographic synchronization of servers, see Synchronizing two-way cryptography between server instances.

Note: The SHA encoded directory encryption seed of the source server is written to the LDIF file by using idsdb2ldif is for reference during import. For parsing purposes, this encryption seed reference is in the cn=crypto,cn=localhost pseudo entry, which is for information only. This value is not loaded as part of the import.

Synopsis

 idsldif2db | idsldif2db [-i inputfile -I instancename [-f configfile] 
            [-d debuglevel] [-r yes | no] [-g] [-W]] | [?]

Options

The idsldif2db command takes the following parameters.

-d debuglevel: Sets the LDAP debug level to debuglevel. If you specify this parameter, the command sends the debug output to stdout. The debuglevel value is a bit mask that controls which output is generated with values from 1 to 65535. For information about debug levels, see Debugging levels.
-f configfile: Specifies the full path of the configuration file to use. If not specified, the default configuration file of the Directory Server instance is used.
-g: Specifies not to strip the trailing spaces on attribute values.
-i inputfile: Specify the name of the LDIF file that contains directory entries in LDIF format. This parameter is required. If the file is not in the current directory, you must specify the absolute path with the file name.
-I instancename: Specifies the Directory Server instance name to which to load entries.
-r [yes|no]: Specifies whether to replicate. The default is yes, which indicates that the entries are put in the change table and are replicated when the server restarts.
-W outputfile: Specifies the full path of a file in which to redirect output.
-?: Specifies to show the syntax format.

Examples

Example 1:

To load the sample.ldif file from CustomIn folder that is included with IBM® Security Directory Suite, run the following command:

idsldif2db -i sample.ldif