Cleanup OID using ldapsearch and ldapdelete
Posted by John Paul van Helvoort on July 13, 2009
Today I was asked to clean up an Oracle Internet Directory without removing orcladmin and some other operational users.
As all accounts are housed under the same context root, "cn=Users,dc=example,dc=com", I was forced to use an ldapsearch instead of bulkdelete to perform the operation.
First we export all the users:
ldapsearch -h oid.example.com -p 389 -L -D "cn=orcladmin" -w "xxx" -b "cn=Users,dc=example,dc=com" -s sub "objectclass=*" > users_oid.ldif
This produces an LDIF with every user and all of its attributes, which ldapdelete cannot use directly.
Second we keep only the "dn:" lines:
grep dn: users_oid.ldif > users_delete.ldif
Then we remove the lines for the entries that must stay, such as:
dn: cn=Users, dc=example,dc=com
dn: cn=orcladmin, cn=Users, dc=example,dc=com
…
..
After this we remove the "dn:" prefix from every line, as leaving it in would cause an error.
sed 's/dn://' users_delete.ldif > new_users_delete.ldif
Now we have a clean file which can be used by ldapdelete!
ldapdelete -h oid.example.com -p 389 -D "cn=orcladmin" -w xxx -f new_users_delete.ldif
Depending on the number of users in your ldap directory, this could take a while :)
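As an added example (not the post's own commands), the same filtering as one shell function: it drops the protected DNs from a list instead of by hand, reports base64-encoded "dn::" lines that the grep/sed pair above would mangle, and orders the result deepest first so child entries are deleted before their containers. File names, the protected list and the sample LDIF are constructed.

```shell
#!/bin/sh
# Added example, not the original post's commands: turn an ldapsearch LDIF
# export into the DN-only file that "ldapdelete -f" expects, while keeping
# the container and operational accounts. Names and data are constructed.
# Constructed stand-in for users_oid.ldif (what "ldapsearch -L" writes).
SAMPLE_LDIF='dn: cn=Users,dc=example,dc=com
objectclass: orclContainer

dn: cn=orcladmin, cn=Users, dc=example,dc=com
objectclass: person

dn: cn=jdoe,cn=Users,dc=example,dc=com
objectclass: person

dn: cn=Temp,cn=Users,dc=example,dc=com
objectclass: orclContainer

dn: cn=tmpuser,cn=Temp,cn=Users,dc=example,dc=com
objectclass: person

dn:: Y249TcO8bGxlcixjbj1Vc2VycyxkYz1leGFtcGxlLGRjPWNvbQ==
objectclass: person
'
# Entries that must survive the cleanup, one DN per line (constructed).
PROTECTED_DNS='cn=Users,dc=example,dc=com
cn=orcladmin,cn=Users,dc=example,dc=com
cn=PUBLIC,cn=Users,dc=example,dc=com'

# Normalise a DN for comparison: drop the "dn:" label, spaces after commas
# and surrounding blanks, then lower-case (DN matching is case-insensitive).
norm_dn() {
    printf '%s\n' "$1" |
        sed 's/^[Dd][Nn]:[[:space:]]*//; s/,[[:space:]]*/,/g; s/^[[:space:]]*//; s/[[:space:]]*$//' |
        tr 'A-Z' 'a-z'
}

# build_delete_list <export.ldif> <protected.txt>  -> deletable DNs on stdout
build_delete_list() {
    keep=$(while IFS= read -r p || [ -n "$p" ]; do norm_dn "$p"; done < "$2")
    grep -i '^dn:' "$1" | while IFS= read -r line; do
        case $line in
            [Dd][Nn]::*)  # base64 DN (non-ASCII): report it instead of guessing
                printf 'skipped base64 DN, handle by hand: %s\n' "$line" >&2 ;;
            *)  dn=$(norm_dn "$line")
                printf '%s\n' "$keep" | grep -qxF -- "$dn" || printf '%s\n' "$dn" ;;
        esac
    done | awk -F',' '{ print NF "\t" $0 }' | sort -rn | cut -f2-  # deepest first
}
```

Run it as `build_delete_list users_oid.ldif protected.txt > new_users_delete.ldif` and review the stderr lines before handing the file to ldapdelete.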
