Import LDIF data into a Directory Server backend.
Connection parameters are not required when importing to a local Directory Server that is not running. However, connection parameters are required if the Directory Server is remote, or if the Directory Server is running locally and it is inconvenient to have to stop it for the import. You can use the options to include or exclude specific attributes and branches of the tree, and to include or exclude entries matching a given filter. The input file may be compressed.
This tool features both an offline mode of operation as well as the ability to schedule an operation to run within the Directory Server's process. To schedule an operation supply LDAP connection options that allow this tool to communicate with the server through its task interface. Tasks can be scheduled to run immediately or at a later time (see Task Scheduling Options below). Once scheduled, tasks can be managed using the manage-tasks tool.
import-ldif --backendID userRoot --ldifFile userRoot.ldif
import-ldif --backendID userRoot --ldifFile userRoot.ldif.gz --isCompressed \
--rejectFile rejects.ldif --skipFile skipped.ldif --overwrite
import-ldif --task --hostname server1 --port 389 \
--bindDN uid=admin,dc=example,dc=com --bindPassword password \
--backendID userRoot --ldifFile userRoot.ldif
import-ldif --backendID userRoot --templateFile example.template
import-ldif --includeBranch dc=example,dc=com --ldifFile people.ldif
-V
--version
| Description | Display Directory Server version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
--useNoSecurity
| Description | Use no security when communicating with the server |
-h {host}
--hostname {host}
| Description | Directory Server hostname or IP address |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | Directory Server port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Default Value | cn=Directory Manager |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-o {name=value}
--saslOption {name=value}
| Description | SASL bind options |
| Required | No |
| Multi-Valued | Yes |
-X
--trustAll
| Description | Trust all server SSL certificates |
-P {trustStorePath}
--trustStorePath {trustStorePath}
| Description | Certificate trust store path |
| Required | No |
| Multi-Valued | No |
-T {trustStorePassword}
--trustStorePassword {trustStorePassword}
| Description | Certificate trust store PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate trust store PIN file |
| Required | No |
| Multi-Valued | No |
-K {keyStorePath}
--keyStorePath {keyStorePath}
| Description | Certificate key store path |
| Required | No |
| Multi-Valued | No |
-W {keyStorePassword}
--keyStorePassword {keyStorePassword}
| Description | Certificate key store PIN |
| Required | No |
| Multi-Valued | No |
-u {keyStorePasswordFile}
--keyStorePasswordFile {keyStorePasswordFile}
| Description | Certificate key store PIN file |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | Nickname of the certificate for SSL client authentication |
| Required | No |
| Multi-Valued | No |
--useAdministrativeSession
| Description | Attempt to use an administrative session to have operations processed on a dedicated pool of worker threads. This may be useful when trying to diagnose problems in a server that is unresponsive because all normal worker threads are busy processing other requests |
--propertiesFilePath {propertiesFilePath}
| Description | Path to the file that contains default property values used for command-line arguments |
| Required | No |
| Multi-Valued | No |
--usePropertiesFile
| Description | Specify that a properties file will be used to get default command-line argument values |
--task
| Description | Indicates that this tool should be invoked as a task which runs inside the Directory Server rather than as a separate process. At present, this argument is optional, but in a future release it may be required for running as a task |
-t {startTime}
--start {startTime}
| Description | Indicates the date/time, expressed in format 'YYYYMMDDhhmmss', when the operation starts when scheduled as a server task. A value of '0' causes the task to be scheduled for immediate execution. When this option is specified, the operation is scheduled to start at the specified time, after which this utility will exit immediately |
| Required | No |
| Multi-Valued | No |
--completionNotify {emailAddress}
| Description | Email address of a recipient to be notified when the task completes. This option may be specified more than once |
| Required | No |
| Multi-Valued | Yes |
--errorNotify {emailAddress}
| Description | Email address of a recipient to be notified if an error occurs when this task executes. This option may be specified more than once |
| Required | No |
| Multi-Valued | Yes |
--dependency {taskID}
| Description | ID of a task upon which this task depends. A task will not start execution until all its dependencies have completed execution |
| Required | No |
| Multi-Valued | Yes |
--failedDependencyAction {action}
| Description | Action this task will take should one of its dependent tasks fail. The value must be one of the following: PROCESS,CANCEL,DISABLE. If not specified, the default value is CANCEL |
| Required | No |
| Multi-Valued | Yes |
-Q
--quiet
| Description | Use quiet mode |
-l {ldifFile}
--ldifFile {ldifFile}
| Description | Path to the LDIF file to be imported |
| Required | No |
| Multi-Valued | Yes |
-A {templateFile}
--templateFile {templateFile}
| Description | Path to a MakeLDIF template to use to generate the import data |
| Required | No |
| Multi-Valued | No |
-n {backendName}
--backendID {backendName}
| Description | Backend ID for the backend to import |
| Required | No |
| Multi-Valued | No |
-F
--clearBackend
| Description | Remove all entries for all base DNs in the backend before importing. This is primarily useful for backends that contain multiple base DNs |
-b {branchDN}
--includeBranch {branchDN}
| Description | Base DN of a branch to include in the LDIF import |
| Required | No |
| Multi-Valued | Yes |
-B {branchDN}
--excludeBranch {branchDN}
| Description | Base DN of a branch to exclude from the LDIF import |
| Required | No |
| Multi-Valued | Yes |
-i {attribute}
--includeAttribute {attribute}
| Description | Attribute to include in the LDIF import |
| Required | No |
| Multi-Valued | Yes |
-e {attribute}
--excludeAttribute {attribute}
| Description | Attribute to exclude from the LDIF import |
| Required | No |
| Multi-Valued | Yes |
-I {filter}
--includeFilter {filter}
| Description | Filter to identify entries to include in the LDIF import |
| Required | No |
| Multi-Valued | Yes |
-E {filter}
--excludeFilter {filter}
| Description | Filter to identify entries to exclude from the LDIF import |
| Required | No |
| Multi-Valued | Yes |
-R {rejectFile}
--rejectFile {rejectFile}
| Description | Write rejected entries to the specified file |
| Required | No |
| Multi-Valued | No |
--skipFile {skipFile}
| Description | Write skipped entries to the specified file |
| Required | No |
| Multi-Valued | No |
-O
--overwrite
| Description | Overwrite an existing reject and/or skip file rather than appending to it |
-s {seed}
--randomSeed {seed}
| Description | Seed for the MakeLDIF random number generator |
| Default Value | 0 |
| Required | No |
| Multi-Valued | No |
--stripTrailingSpaces
| Description | Strip out any illegal trailing spaces contained in entries rather than rejecting those entries |
--countRejects
| Description | Count the number of entries rejected by the server and return that value as the exit code (values greater than 255 will be reduced to 255 due to exit code restrictions) |
-c
--isCompressed
| Description | LDIF file is compressed using gzip compression |
-y
--isEncrypted
| Description | LDIF file is encrypted. This option may only be used when running as a task |
--isSigned
| Description | Attempt to verify any digital signature contained in the LDIF file. This option may only be used when running as a task |
--addMissingRdnAttributes
| Description | Add values to entries for missing RDN attribute values rather than reject |
-r
--overwriteExistingEntries
| Description | Indicates that any existing entries in a branch being imported should be overwritten |
--logFilePath {logFilePath}
| Description | Echo the console output to the specified log file, instead of the default ' |
| Required | No |
| Multi-Valued | No |