[#DIRSERVER-274] Need a dump tool to extract LDIF from JDBM database

Directory ApacheDS

Need a dump tool to extract LDIF from JDBM database

Created: 18/Jan/06 02:39 AM Updated: 10/Feb/06 12:27 PM

Return to search

Component/s:

None

Affects Version/s:

pre-1.0

Fix Version/s:

1.0-RC1

Time Tracking:

Not Specified

Resolution Date:

18/Jan/06 07:50 AM

Description

« Hide

We're in need of a tool that dumps the contents of the jdbm database as an LDIF. This tool is meant to be used if the server cannot start of the database is corrupt for some reason. It should try its best to extract as much data as it can from the database using the master table and the dn index.

All

Comments

Work Log

Change History

Subversion Commits

Sort Order:

[ Permlink | « Hide ]

Emmanuel Lecharny added a comment - 18/Jan/06 02:45 AM

Yes, we need it.

What about passwords? I think we should not dump them...

[ Permlink | « Hide ]

Stefan Zoerner added a comment - 18/Jan/06 04:03 AM

If admin is allowed to to read the password, why shouldn't s/he be allowed to dump them? If passwords are stored as hash value (DIREVE-286), it is at least not that easy to guess them. For a disaster recovery scenario, complete db content has more value.

[ Permlink | « Hide ]

Emmanuel Lecharny added a comment - 18/Jan/06 04:32 AM

We have to be really aware of how ldap could be use : for instance, as the centralized user/password authentication system on unix, as a replacement of the classic user/password based on /etc/passwd. You can read an encrypted version of a password, but you won't be able to 'know' this password. This is what I meant by my comment, which was not really clear.

So, dumping the password in a ldif file might be an option, but I just wanted to point out the fact that we may have critical informations in it, that we would not want to expose.

In a disaster recovery scenario, obvously, a backup is better. At least, if we use a ldif file, we could just skip the password, because users could always create a new one (this is a critical information, but we can loose it ;)

So I really think that this tool is usefull, but I also think we should avoid to dump clear passwords. For encrypted ones, that's another question.

wdyt ?

[ Permlink | « Hide ]

Alex Karasulu added a comment - 18/Jan/06 07:50 AM

A rough dump tool was committed in revision 369946 here. The tool stinks as is and will dump a simple ldif of the partition contents. It needs some work but this can be done any time here's what I'd like to see done to/for it:

* Let's refactor it as a POJO and have a main to run it.
* Make main use some commandline option processing toolkit.
* Add usage message.
* Add option to filter out some attributes (operational ones for example)
* IMPORTANT: Add fault tolerance so it does not fail fast. Right now it bombs on an exception. If an entry cannot be extracted then we can note this. We need to handle failures and continue to dump.

[ Permlink | « Hide ]

Alex Karasulu added a comment - 18/Jan/06 07:55 AM

Here's that commit ... again this just a code drop of how to build a tool someone really needs to write this thing properly. For now it works minimally and satisfies this request.

http://svn.apache.org/viewcvs.cgi?rev=369946&view=rev

Oh more TODOs:

* logging
* should use the updn index to pull from master table instead since this index is simpler and can tell us if an entry cannot be found in the master table
* update tool to do more and change its name. some possibilities are:
   - rebuild indices
   - scrub partition for deleted entries
   - compact it (defrag)

[ Permlink | « Hide ]

Alex Karasulu added a comment - 18/Jan/06 07:56 AM

Emmanuel note that if we add options to filter certain attributes when dumping the LDIF then the administrator can make the call and not us. Give the admiin full power I say and provide the optional switches to filter for convenience.