directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <>
Subject [jira] Commented: (DIREVE-321) Need a dump tool to extract LDIF from JDBM database
Date Tue, 17 Jan 2006 19:32:42 GMT
    [ ] 

Emmanuel Lecharny commented on DIREVE-321:

We have to be really aware of how ldap could be use : for instance, as the centralized user/password
authentication system on unix, as a replacement of the classic user/password based on /etc/passwd.
You can read an encrypted version of a password, but you won't be able to 'know' this password.
This is what I meant by my comment, which was not really clear.

So, dumping the password in a ldif file might be an option, but I just wanted to point out
the fact that we may have critical informations in it, that we would not want to expose.

In a disaster recovery scenario, obvously, a backup is better. At least, if we use a ldif
file, we could just skip the password, because users could always create a new one (this is
a critical information, but we can loose it ;)

So I really think that this tool is usefull, but I also think we should avoid to dump clear
passwords. For encrypted ones, that's another question.

wdyt ?

> Need a dump tool to extract LDIF from JDBM database
> ---------------------------------------------------
>          Key: DIREVE-321
>          URL:
>      Project: Directory Server
>         Type: New Feature
>     Reporter: Alex Karasulu
>     Assignee: Alex Karasulu
>     Priority: Critical
>      Fix For: 0.9.4

> We're in need of a tool that dumps the contents of the jdbm database as an LDIF.  This
tool is meant to be used if the server cannot start of the database is corrupt for some reason.
 It should try its best to extract as much data as it can from the database using the master
table and the dn index.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

View raw message