On 08.02.2017 08:10, Ulrich Windl wrote: >>>> Michael Wandel <[email protected]> schrieb am 07.02.2017 um 17:25 in > Nachricht <[email protected]>: >> On 06.02.2017 09:36, Ulrich Windl wrote: >>>>>> Michael Wandel <[email protected]> schrieb am 02.02.2017 um 17:32 in >>> Nachricht <[email protected]>: >>>> Hey, >>>> >>>> I'm searching for a tool which is able to transform an accesslog >>>> Database to an ldif file, what can be used for ldapmodify. >>> >>> I think it's possible, and I did something like that. Mostly to recover > from >> my mistakes, and for documentation purposes. It's not trivial, however. My >> LDIF output for a change looks like this: >>> >>> ### 20170102084415.000003Z uid=user,ou=people,dc=domain,dc=org >>> ## auditModify(modify)[83466,cn=Admin,dc=domain,dc=org] >>> ## {0}{1.3.6.1.4.1.4203.666.5.12 criticality TRUE}: >>> #< entryCSN: 20161220083510.859974Z#000000#001#000000 >>> #< modifiersName: cn=Admin,dc=domain,dc=org >>> #< modifyTimestamp: 20161220083510Z >>> #= modifiersName: cn=Admin,dc=domain,dc=org >>> >>> dn: uid=user,ou=people,dc=domain,dc=org >>> changetype: modify >>> replace: entryCSN >>> entryCSN: 20170102084415.765596Z#000000#001#000000 >>> - >>> replace: modifyTimestamp >>> modifyTimestamp: 20170102084415Z >>> - >>> add: pwdFailureTime >>> pwdFailureTime: 20170102084415Z >>> >>> (Those "<" are previous values and "=" are unchanged values) >>> >>> Note that the LDIF is forward (for re-applying) the changes. My program > also >> has an option to produce a "backward LDIF" to create the corresponding >> "undo". Also note that not all attributes presented in my LDIF can be > changed >> vie LDIF. >>> >> >> Nice to hear about, where can i find these tool, is there a download link > ?? > > Sorry, it's an in-house development. But any talented programmer can write > what you need within a few days. It's ok, you are right, if you have time can do anything (fly to the mars ;-) ). Thanks for the inspiration.
> Quanah Gibson-Mount <[email protected]> has published a simple version you > could use also. > That solution we use at the moment, big thanks to Quanah. best regards Michael > Regards, > Ulrich > > >> >> best regards >> >> Michael >> >> >>>> >>>> Or is there an alternative way to use the accesslog to rebuild an ldap >>>> database from a backup time to actual ? >>>> >>>> Every hint is welcome >>> >>> Regards, >>> Ulrich >>> >>>> >>>> best regards >>>> >>>> Michael >>> >>> >>> >>> >>> >> >> >> -- >> Michael Wandel >> Braakstraße 43 >> 33647 Bielefeld > > > -- Michael Wandel Braakstraße 43 33647 Bielefeld
