OID Policystore Migration
Policystore is basically a node in the hierarchical structure of Oracle Internet Directory where all the application policies are stored. There will be cases where you will want to replicate the policystore structure to some other OID instance in development or in production mode. This is useful in cases where you want to maintain the same application policies across multiple environments. Of course you can use the same OID across different environments but it will be very difficult for troubleshooting
OID provides few set of commands using which a policystore can be exported to an LDIF file and then that LDIF file can be imported on another OID.
This blog explains the use of ldifwrite and bulkload commands which are used to export the policystore or to be specific any node to an LDIF file and import the LDIF file respectively.
Following environment variables must be set before proceeding:
- WLS_HOME=<path_where_middleware_is_installed>
- ORACLE_HOME=$WLS_HOME/Oracle_IDM1
- ORACLE_INSTANCE=$ORACLE_HOME/asinst_1
- ORACLE_HOME/bin
- ORACLE_HOME/ldap/bin
- ORACLE_INSTANCE/bin
opmnctl stopall
Follow the below steps to replicate a node in one OID to another :
- Use ldifwrite to export a node to an ldif file :
ldifwrite connect="connect_string" basedn="source_dn" file="location.ldif"
e.g. If you want to export 'cn=mynode,cn=jpsContext,cn=jpsroot' (basedn) which resides in ODS schema of OIDDB_SOURCE (connect_string as specified in ORACLE_INSTANCE/config/tnsnames.ora) to a file source.ldif which is at location (/u01/export/source.ldif), use the following command :
ldifwrite connect="OIDDB_SOURCE" basedn="cn=mynode,cn=jpsContext,cn=jpsroot" file="/u01/export/source.ldif"
e.g. If you want to export 'cn=mynode,cn=jpsContext,cn=jpsroot' (basedn) which resides in ODS schema of OIDDB_SOURCE (connect_string as specified in ORACLE_INSTANCE/config/tnsnames.ora) to a file source.ldif which is at location (/u01/export/source.ldif), use the following command :
ldifwrite connect="OIDDB_SOURCE" basedn="cn=mynode,cn=jpsContext,cn=jpsroot" file="/u01/export/source.ldif"
- Use bulkload to import the ldif file and generate the intermediate SQL*Loader files :
bulkload connect="connect_string" check="true" generate="true" recover="true" file="location.ldif"
e.g. Intermediate SQL*Loader files which are to be executed for ODS schema in OIDDB_TARGET (connect_string) can be generated from /u01/export/source.ldif (file) with the following command :
bulkload connect="OIDDB_TARGET" check="true" generate"true" recover="true" file="/u01/export/source.ldif"
e.g. Intermediate SQL*Loader files which are to be executed for ODS schema in OIDDB_TARGET (connect_string) can be generated from /u01/export/source.ldif (file) with the following command :
bulkload connect="OIDDB_TARGET" check="true" generate"true" recover="true" file="/u01/export/source.ldif"
check flag parses and verifies the input LDIF file to find any corrupt data
generate flag generates the intermediate files in SQL*Loader format
restore flag restores the schema in case any problem arises during bulkload operation
generate flag generates the intermediate files in SQL*Loader format
restore flag restores the schema in case any problem arises during bulkload operation
- Use bulkload to load the intermediate SQL*Loader files in the target OID schema :
e.g. Intermediate files generated by 2 option can be loaded in the schema OIDDB_TARGET by the following command :
bulkload connect="OIDDB_TARGET" load="true"
After the completion of bulkload execution, start the OID server instance:
opmnctl startall
The logs file generated by the bulkload tool are at location :
ORACLE_INSTANCE/diagnostics/logs/OID/tools
- bulkload.log : output log
- duplicateDN.log : list of duplicate DNs found during loading
- *.ctl and *.dat : intermediate files
- badentry.ldif : list of bad LDIF entries
- dynGrp.ldif : list of dynamic group entries that can be added using ldapadd command
- bsl_*.log : intermediate log files generated by SQL*Loader
bulkload connect="OIDDB_TARGET" index="true"
Indices can be verified by using the command :
bulkload connect="OIDDB_TARGET" check="true" index="true"
In this way you can migrate the application policystore or any node for that matter from one OID instance to another. The detailed explanation of all the attributes used in the above commands can be found at the location http://docs.oracle.com/cd/E25054_01/oid.1111/e10029/bulktools.htm
No comments:
Post a Comment