Overview#
Import Conversion Export (ICE) is a utility that ships with eDirectory but maybe used with other LDAP implementations.Import Conversion Export is often part of a Data Extraction Transformation process.
Import Conversion Export utility functionality is integrated into imanager in later versions of eDirectory
Some Useful ICE Examples#
Retrieve the schema to a LDIF File#
ice -S LDAP -s <serverAddress> -p <ldapPort> -d <dnOfBinduser> -w <passwordOfBinduser> -b cn=schema -F objectclass=subschema -c base -D LDIF -f schema.ldif
Update the Schema Form a File#
ice -S LDIF -v -f schema.ldif -D LDAP -s localhost -p 389 -d <dnOfBinduser> -w <password> -e failed.ldif
Backup of Tree#
Remember, no passwords will be in the ldif.ice -S LDAP -s 192.168.1.34 -p 389 -d cn=admin,ou=Services,o=willeke -w secret -b ' ' -F '(objectclass=*)' -c sub -a 1.1 -D LDIF -f /var/backups/edir/2011-02-12-Saturday-IDV-TREE-FULL.ldif
Import Simple Passwords#
You must use SSL!
ice -lice.log -v -SLDIF -fC:\mydata\simplepassword.ldif -v -c -a -DLDAP -sxxx.xxx.xxx.xxx -p636 -dcn=admin,ou=administration,dc=willeke,dc=com -wsecret -LC:\mydata\YOURTTREE-CA.der -B -l -v
Where simplepassword.ldif looks like:
version: 1
<blank line>
dn: cn=testone,ou=people,dc=turner,dc=com
changeType: modify
add: userpassword
userpassword: {crypt}jgWDKyLuAx2vo
<blank line>
Users Created Since#
This shows an example of ICE with a filter and attribute list.ice -lc:\mydata\logs\ice.log -v -SLDAP -sxxx.xxx.xxx.xxx -p389 -dcn=admin,ou=administration,dc=willeke,dc=com -w<secretpassword> -b ou=people,dc=willeke,dc=com -F "(&(objectclass=inetorgperson)(createTimestamp>=20020416154855Z))" -a createTimestamp -v -DLDIF -fC:\mydata\temp.ldif -v
Compare Schema#
Compare the schema of two running LDAP servers.ice -C -c schemadiff.ldf -SLDAP -s 10.1.2.2 -p 389 -DLDAP -s 10.1.1.1 -p 389 Then: ice -e err.ldif -SLDIF -f schemadiff.ldf -c -DLDAP -s 10.1.2.2 -p 389 -d "cn=administrator,o=services" -w novell
ICE Documentation
#
ICE Documentation
