Additional Search Filtering#

Several people had asked to be able use the tool for only some entries. We added the ability for the tool to only apply to users based on a attribute=value combination. We added the following options:

For command-line Usage#

    -S    A LDAP attribute used to locate a single entry specified in the -V option - Default="cn"
    -V    The value to use with the -S attribute to locate a single entry specified in the -S option - Default=""
The options
  • -S and -V need to be used together.
  • The -A option must be used if using -S and -V
  • you can find the user(s) by any attribute=value combination.

Search Example:

-S cn -V geoffc Will find a user with cn=geoffc within the sub-tree for the value of the -b option for the entryDN

The application will create an LDAP SearchFilter that is like:

(&(objectClass=inetorgperson)(cn=geoffc))

Note: This allows running from a batch file to locate a single entry.

Advanced "Hidden" Properties#

CAUTION changing these properties may cause unpredictable performance.

Missing Lines#

For the GUI mode, We choose to implement a Text control that purges lines from the top of the screen to prevent "out-of-memory" errors. The number of lines that will be displayed is controlled by the KEEP_LINES in the DumpUp.properties file. If you receive an "out-of-memory" error, lower this number. With no changes to the Java Heap space, on Windows, it looks like 20-25k lines is the limit.

The same output that shows on the screen is placed into the info.log file.

Search Filter#

You can modify the base search filter in case you are utilizing base objectClass that is not "normal". The default is DUMPUP_SEARCH_FILTER=(objectClass=inetorgperson) in the DumpUP.properties file.

Properties Files#

dumpup.properties#

We just know some of you will work with the properties file directly and you may get messed up. Here is the base file:
#DumpPassword Information Properties file.
#Tue Jul 07 09:08:49 EDT 2009
SIZE_LIMIT=10000
VERBOSE=false
USE_EXTRA=true
DEBUG=false
SEARCH_VALUE=*
ALL=true
USE_LDIF=false
OUTPUT_FILE_PATH=C\:\\mydata\\common\\java\\DumpPasswordInformation\\dumpup.ldif
BIND_DN=cn\=admin,ou\=administration,dc\=willeke,dc\=com
LDAP_PORT=389
KEEP_LINES=200000
KEY_PATH=/usr/local/shared/sharedkeystore
SEARCH_ATTRIBUTE=cn
TIME_LIMIT=40
LDAP_HOST=ldap.yourdomain.com
USE_KEYSTORE=false
BASE_DN=ou\=users,dc\=yourdomain,dc\=com
SSL=false
TLS=true
PASSWORD=secret
SEARCH_FILTER=(objectClass\=inetorgperson)

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-7) was last changed on 14-Feb-2011 13:03 by jim