Symantec Access Management

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

Examples:  Using base64 & perl for reviewing ldif records

  • 1.  Examples:  Using base64 & perl for reviewing ldif records

    Posted Jul 18, 2018 01:06 PM

    Example 1:  Using base64 decode with a ldapsearch/dxsearch command line to dynamically decode and view an embedded XML value in an ldap attribute:

     

     

    dxsearch -LLL -h `hostname` -p 20396 -c -x -D "eTDSAContainerName=DSAs,eTNamespaceName=CommonObjects,dc=etadb" -w "Password01" -b "eTConfigName=BLS Connectivity Configuration,eTConfigContainerName=Configuration,eTNamespaceName=CommonObjects,dc=im,dc=etadb" eTConfigPayload | perl -p00e 's/\r?\n //g' | awk '{print $2}' | grep -v "eTConfigName=BLS" | base64 -d

     

     Ref:  https://communities.ca.com/message/242047291-re-monitor-the-identity-suite-im-notify-queue?commentID=242047291#comment-2… 

     

     

     

     

    Example 2A:   Using perl to force a "no-wrap" export of an LDIF file; to allow better search/replace processes that would normally be prevented by the 80 character default wrap of an LDIF export.

     

     

    dxsearch -LLL -h `hostname` -p $PORT  -b $CUS_PREFIX -s sub | perl -p0e 's/\n //g' > $IMCD_DOMAIN_UPDATE_FILE"

     

     

     

     

     

    Example 2B:   Using perl to force a "no-wrap" export of an LDIF file AND change the dc domain; to allow better search/replace processes that would normally be prevented by the 79/80 character default wrap of an LDIF export.

     

     

    # - If default IMPD domain is different, IMPD Data was extracted with dxsearch & piped to perl command to force no-wrap behavior and a search/replace was completed to replace the custom domain with dc=im,dc=etadb

     

    Example:

    dxsearch -LLL -h `hostname` -p 20394 -b "dc=IDENTITY_MANAGER,dc=etadb" -s sub | perl -p0e 's/\n //g'  > impd_main_domain_update.ldif

     

    dxsearch -LLL -h `hostname` -p 20396 -b "dc=IDENTITY_MANAGER,dc=etadb" -s sub | perl -p0e 's/\n //g' > impd_co_domain_update.ldif

     

    dxsearch -LLL -h `hostname` -p 20398 -b "dc=IDENTITY_MANAGER,dc=etadb" -s sub | perl -p0e 's/\n //g' > impd_inc_domain_update.ldif

     

    sed -i 's|dc=IDENTITY_MANAGER,dc=etadb|dc=im,dc=etadb|g' impd_main_domain_update.ldif
    sed -i 's|dc=IDENTITY_MANAGER,dc=etadb|dc=im,dc=etadb|g' impd_co_domain_update.ldif
    sed -i 's|dc=IDENTITY_MANAGER,dc=etadb|dc=im,dc=etadb|g' impd_inc_domain_update.ldif

     

     

     

     

     

    Example 3:   Using perl to force a "no-wrap" export of a CA Directory offline/online backup to LDIF file; to allow better search/replace processes that would normally be prevented by the 79/80 character default wrap of an LDIF export.

     

    On-line backup (assumes dump dxgrid-db; is part of DSA settings)

    dxdumpdb -z ca-prov-srv-01-impd-co | perl -p0e 's/\n //g' > new_no-wrap_export_impd_co.ldif

     

    Off-line backup (assume DSA is shutdown)

    dxdumpdb     ca-prov-srv-01-impd-co | perl -p0e 's/\n //g' > new_no-wrap_export_impd_co.ldif

     

     

     

     

     

     

     

    What methods do you use to augment your ldap/ldif export/import processes?

     

    Cheers,

     

    Alan