NOTE: the password is orcladmin's password, not sysdba's password.
$ORACLE_HOME/ldap/bin/ldifwrite connect="orcl" basedn="cn=users,dc=cn,dc=oracle,dc=com" ldiffile="ldap_export_users.ldif"
$ORACLE_HOME/ldap/bin/ldifwrite connect="orcl" basedn="cn=groups,dc=cn,dc=oracle,dc=com" ldiffile="ldap_export_group.ldif"
egrep -v "authpassword" ldap_export_users.ldif > ldap_export_users_clean.ldif
export ORACLE_HOME=/u01/app/oracle/Middleware/Oracle_IDM1
export ORACLE_INSTANCE=/u01/app/oracle/Middleware/asinst_1
export TNS_ADMIN=$ORACLE_INSTANCE/config
export ORACLE_SID=oim
export JAVA_HOME=/u01/app/oracle/Middleware/jdk160_14_R27.6.5-32
export PATH=$ORACLE_INSTANCE/bin:$ORACLE_HOME/bin:$ORACLE_HOME/ldap/bin:$JAVA_HOME/bin:$PATH
bulkload connect="oim" check="TRUE" generate="TRUE" load="TRUE" append="TRUE" file="ldap_export_users_clean.ldif"
[oracle@ldap ldap_bak]$ egrep -v "oblixorgperson" ./ldap_export_users_clean.ldif > ./ldap_export_users_clean1.ldif
[oracle@ldap ldap_bak]$ egrep -v "orcluserprovstatus" ./ldap_export_users_clean1.ldif > ./ldap_export_users_clean2.ldif
[oracle@ldap ldap_bak]$ egrep -v "obver: 10.1.4.0" ./ldap_export_users_clean2.ldif > ./ldap_export_users_clean3.ldif
[oracle@ldap ldap_bak]$ egrep -v "orclosl" ./ldap_export_users_clean3.ldif > ./ldap_export_users_clean4.ldif
[oracle@ldap ldap_bak]$ bulkload connect="OIM" check="TRUE" generate="TRUE" load="TRUE" append="TRUE" file="ldap_export_users_clean4.ldif"
[oracle@ldap ldap_bak]$ bulkload connect="OIM" check="TRUE" generate="TRUE" load="TRUE" append="TRUE" file="ldap_export_group.ldif"
How to create group and add user to the group:
#写一个 create_group.ldif
#内容如下:
#dn: cn=UserAdminGroup,cn=Groups,dc=au,dc=oracle,dc=com
#changetype: add
#objectclass: top
#objectclass: orclGroup
#objectclass: groupOfUniqueNames
#objectclass: orclprivilegegroup
#uniqueMember: uid=userprovisioner,cn=Users,dc=au,dc=oracle,dc=com
#
#然后用这个命令:
#ldapmodify -D "cn=orcladmin,cn=users,dc=au,dc=oracle,dc=com" -w "welcome1" -h localhost -p 3060 -f create_group.ldif
dn: cn=dataloading,cn=users,dc=au,dc=oracle,dc=com
changetype: add
cn: dataloading
givenname: dataloading
mail: [email protected]
userpassword: welcome1
sn: dataloading
uid: dataloading
objectclass: top
objectclass: organizationalperson
objectclass: orcluserv2
objectclass: orcluser
objectclass: inetorgperson
objectclass: person
dn: cn=DataLoadingGroup, cn=groups,dc=au,dc=oracle,dc=com
objectclass: top
objectclass: groupOfUniqueNames
objectclass: orclGroup
uniquemember: cn=dataloading,cn=users,dc=au,dc=oracle,dc=com
ldapadd -h ovm6.au.oracle.com -p 3060 -D "cn=orcladmin" -w welcome1 -f <filename>