moving PROD accounts to LAB...what about the associations??


We are looking at doing a LAB refresh from PROD.
1)Bring up new LAB servers
2)Install necessary software
3)Using eDir tools....backup eDir prod
4)Using the backup....restore it to eDir in LAB
5)Clean up eDir in LAB to remove all prod server references

QUESTION:
Now I will have an eDir instance of LAB that is full of accounts with
associations to PROD drivers. I already have drivers (People Soft,
Banner etc.) built in the LAB and connected to development
environments...so now how does the association issue get straightened
out since my accounts in lab are all referencing PROD drivers???? How
does one go about remediating this....or do I need to have another plan
for refreshing the LAB?


--
wferguson
------------------------------------------------------------------------
wferguson's Profile: https://forums.netiq.com/member.php?userid=360
View this thread: https://forums.netiq.com/showthread.php?t=54235


  • wferguson;260551 Wrote:
    > We are looking at doing a LAB refresh from PROD.
    > 1)Bring up new LAB servers
    > 2)Install necessary software
    > 3)Using eDir tools....backup eDir prod
    > 4)Using the backup....restore it to eDir in LAB
    > 5)Clean up eDir in LAB to remove all prod server references
    >
    > QUESTION:
    > Now I will have an eDir instance of LAB that is full of accounts with
    > associations to PROD drivers. I already have drivers (People Soft,
    > Banner etc.) built in the LAB and connected to development
    > environments...so now how does the association issue get straightened
    > out since my accounts in lab are all referencing PROD drivers???? How
    > does one go about remediating this....or do I need to have another plan
    > for refreshing the LAB?


    Hi wferguson,
    >3)Using eDir tools....backup eDir prod

    I'm not sure which exactly eDir tools you use.
    If you have complete copy of your eDir (objects still have same guid) -
    it make sense to "preserve" your "production" association.
    If you "created" "new" objects in QA from your production backup -
    objects in QA will have another GUID and associations related to GUID
    (like eDir, AD, etc) will have wrong info.

    For my QA I use next method:
    1. Export from production required info to LDIF file without
    Association, GroupMembeship, manager attributes (exclude any reference
    to another objects)
    2. Small ldif file with "reference" attribute info (if it required)
    3. Import base users ldif to QA
    4. Import Reference ldif
    5. Drivers will "regenerate" associations (if it will be required)


    --
    If you find this post helpful, please show your appreciation by clicking
    on the star below :cool:
    ------------------------------------------------------------------------
    al_b's Profile: https://forums.netiq.com/member.php?userid=209
    View this thread: https://forums.netiq.com/showthread.php?t=54235


  • al_b.....is there any particular tool you have found useful in exporting
    the objects to and LDIF file?


    --
    wferguson
    ------------------------------------------------------------------------
    wferguson's Profile: https://forums.netiq.com/member.php?userid=360
    View this thread: https://forums.netiq.com/showthread.php?t=54235


  • I use *Apache Directory Studio*
    https://directory.apache.org/studio/

    For me it mach easy, that type everything in command line (Novell ice)
    etc.

    You can use *LDAPExporter* from Keith Armstrong (
    http://sourceforge.net/projects/ldapexporter/ ) that provide number of
    good extensions or any another LDAP browser/tools.

    Alex


    --
    If you find this post helpful, please show your appreciation by clicking
    on the star below :cool:
    ------------------------------------------------------------------------
    al_b's Profile: https://forums.netiq.com/member.php?userid=209
    View this thread: https://forums.netiq.com/showthread.php?t=54235