Copying LDAP info from one server to another

prav
New Member
Posts: 2

    Hi all,

    We are on 9.0.0.4, iSeries and use LAUA security.

    We are trying to set up a Lawson Disaster Recovery box. We have been successful with most of it but for replicating users added to LDAP using LSA.

    Since we use LAUA, all the security info is getting replicated along with the database to the DR server.

    When I add a user to LSA on production, I cannot add it to the LSA on the DR server as LDAP is not running there.

    Is there a way to export data from LDAP on production and import it into LDAP on another server? The only difference would be the server name.

    Any help is greatly appreciated.

    Jimmy Chiu
    Veteran Member
    Posts: 641
      Step 1: Replicate the LDAP instance from your production LDAP server to the new DR LDAP server via ADAM setup (not sure about Tivoli).

      Step 2: On your DR box, edit the install.cfg; it needs to point to the new LDAP server:port.

      Hope this helps.
      Ben Coonfield
      Veteran Member
      Posts: 146
        To replicate the exact TDS server, we just clone the whole server including filesystems to get the complete configuration & data, which is easier if you want an exact replica. But in general, if you want to copy data between TDS instances there are Tivoli tools to do that. Install a second TDS instance, and preferably synchronize the cryptography keys between the two instances. If you don't do this first, you will have to reset user passwords on the target server. (TDS encrypts all the passwords, so if the new TDS isn't set up right it won't be able to use the encrypted passwords, although it will still be able to use all the other data.) See Appendix E "Synchronizing two-way cryptography between server instances" in the TDS Installation & Configuration Guide (IBM Document SC32-1673-00 for version 6.0).
        John Henley
        Posts: 3353
          For TDS, you can use either idsxcfg to do a complete backup/restore (requires LDAP server be stopped, if I remember correctly), or idsxcfg (or another LDAP tool) to dump/load via an .ldif file. I prefer the .ldif method because it allows for tweaking the file to change service URLs, search/replace product line naming, etc.

          To work around the encryption issue Ben describes, you can follow that with a dump/load of password-dependent identities using ssoconfig, assuming you used the same encryption seed on both LSF9 installs.
          Thanks for using the LawsonGuru.com forums!
          John
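
An added example, not part of the thread or of any Lawson or IBM tooling: a sketch of the ".ldif tweak" step that rewrites a server name in an exported LDIF file before loading it on the DR instance. A plain search/replace misses values that are folded across lines or base64-encoded (`attr:: ...`), so this handles both and leaves `userPassword` untouched. The attribute name `serviceURL`, the DN and the hostnames are constructed placeholders, and ASCII hostnames are assumed.

```python
import base64
import re

SKIP_ATTRS = {"userpassword"}  # encrypted/hashed values are never rewritten

def unfold(text):
    # RFC 2849: a line starting with a single space continues the previous line.
    return re.sub(r"\r?\n ", "", text)

def fold(line, width=76):
    # Re-fold long lines; each continuation line starts with one space.
    chunks, rest = [line[:width]], line[width:]
    while rest:
        chunks.append(" " + rest[:width - 1])
        rest = rest[width - 1:]
    return "\n".join(chunks)

def rewrite_ldif(text, old_host, new_host):
    """Return (rewritten LDIF text, number of attribute values changed)."""
    out, changed = [], 0
    for line in unfold(text).splitlines():
        m = None if line.startswith("#") else re.match(r"([^:\s]+)(::?) ?(.*)$", line)
        if m and m.group(1).split(";")[0].lower() not in SKIP_ATTRS:
            attr, sep, val = m.groups()
            if sep == "::":  # base64 value: decode, replace on bytes, re-encode
                raw = base64.b64decode(val)
                new_raw = raw.replace(old_host.encode(), new_host.encode())
                hit, val = new_raw != raw, base64.b64encode(new_raw).decode()
            else:            # plain value (exact, case-sensitive match)
                new_val = val.replace(old_host, new_host)
                hit, val = new_val != val, new_val
            if hit:
                changed += 1
                line = f"{attr}{sep} {val}"
        out.append(fold(line))
    return "\n".join(out) + "\n", changed

# Constructed sample export: the hostname is split by a fold, hidden in a
# base64 value, and also present inside a password blob that must not change.
SAMPLE = (
    "dn: cn=SSOP,ou=svc,o=example\n"
    "serviceURL: https://prod.exam\n"
    " ple.com/sso/login\n"
    "description:: " + base64.b64encode(b"Portal on prod.example.com").decode() + "\n"
    "userPassword:: " + base64.b64encode(b"{SHA}prod.example.com").decode() + "\n"
)

if __name__ == "__main__":
    print(rewrite_ldif(SAMPLE, "prod.example.com", "dr.example.com")[0])
```

Comparing the changed-value count against a `grep` of the original export is a quick check that nothing was missed before the file is loaded on the DR server.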