Export data from a Directory Server backend in LDIF format.
To export data from a remote Directory Server, the Directory Server must be running and connection parameters must be supplied. You can specify options to include or exclude specific attributes and branches of the tree, and to include or exclude entries matching a given filter. The data may be appended to an existing file instead of overwriting it, and the output may be optionally compressed.
This tool features both an offline mode of operation as well as the ability to schedule an operation to run within the Directory Server's process. To schedule an operation supply LDAP connection options that allow this tool to communicate with the server through its task interface. Tasks can be scheduled to run immediately or at a later time (see Task Scheduling Options below). Once scheduled, tasks can be managed using the manage-tasks tool.
export-ldif --backendID userRoot --ldifFile userRoot.ldif
export-ldif --backendID userRoot --ldifFile userRoot.ldif.gz --compress \
--includeBranch ou=people,dc=example,dc=com --excludeOperational \
--wrapColumn 80
export-ldif --task --hostname server1 --port 389 \
--bindDN uid=admin,dc=example,dc=com --bindPassword password \
--backendID userRoot --ldifFile userRoot.ldif
-V
--version
| Description | Display Directory Server version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
--useNoSecurity
| Description | Use no security when communicating with the server |
-h {host}
--hostname {host}
| Description | Directory Server hostname or IP address |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | Directory Server port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Default Value | cn=Directory Manager |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-o {name=value}
--saslOption {name=value}
| Description | SASL bind options |
| Required | No |
| Multi-Valued | Yes |
-X
--trustAll
| Description | Trust all server SSL certificates |
-P {trustStorePath}
--trustStorePath {trustStorePath}
| Description | Certificate trust store path |
| Required | No |
| Multi-Valued | No |
-T {trustStorePassword}
--trustStorePassword {trustStorePassword}
| Description | Certificate trust store PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate trust store PIN file |
| Required | No |
| Multi-Valued | No |
-K {keyStorePath}
--keyStorePath {keyStorePath}
| Description | Certificate key store path |
| Required | No |
| Multi-Valued | No |
-W {keyStorePassword}
--keyStorePassword {keyStorePassword}
| Description | Certificate key store PIN |
| Required | No |
| Multi-Valued | No |
-u {keyStorePasswordFile}
--keyStorePasswordFile {keyStorePasswordFile}
| Description | Certificate key store PIN file |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | Nickname of the certificate for SSL client authentication |
| Required | No |
| Multi-Valued | No |
--useAdministrativeSession
| Description | Attempt to use an administrative session to have operations processed on a dedicated pool of worker threads. This may be useful when trying to diagnose problems in a server that is unresponsive because all normal worker threads are busy processing other requests |
--propertiesFilePath {propertiesFilePath}
| Description | Path to the file that contains default property values used for command-line arguments |
| Required | No |
| Multi-Valued | No |
--usePropertiesFile
| Description | Specify that a properties file will be used to get default command-line argument values |
--task
| Description | Indicates that this tool should be invoked as a task which runs inside the Directory Server rather than as a separate process. At present, this argument is optional, but in a future release it may be required for running as a task |
-t {startTime}
--start {startTime}
| Description | Indicates the date/time, expressed in format 'YYYYMMDDhhmmss', when the operation starts when scheduled as a server task. A value of '0' causes the task to be scheduled for immediate execution. When this option is specified, the operation is scheduled to start at the specified time, after which this utility will exit immediately |
| Required | No |
| Multi-Valued | No |
--completionNotify {emailAddress}
| Description | Email address of a recipient to be notified when the task completes. This option may be specified more than once |
| Required | No |
| Multi-Valued | Yes |
--errorNotify {emailAddress}
| Description | Email address of a recipient to be notified if an error occurs when this task executes. This option may be specified more than once |
| Required | No |
| Multi-Valued | Yes |
--dependency {taskID}
| Description | ID of a task upon which this task depends. A task will not start execution until all its dependencies have completed execution |
| Required | No |
| Multi-Valued | Yes |
--failedDependencyAction {action}
| Description | Action this task will take should one of its dependent tasks fail. The value must be one of the following: PROCESS,CANCEL,DISABLE. If not specified, the default value is CANCEL |
| Required | No |
| Multi-Valued | Yes |
-Q
--quiet
| Description | Use quiet mode |
-l {ldifFile}
--ldifFile {ldifFile}
| Description | Path to the LDIF file to be written |
| Required | Yes |
| Multi-Valued | No |
-a
--appendToLDIF
| Description | Append an existing LDIF file rather than overwriting it |
-n {backendName}
--backendID {backendName}
| Description | Backend ID for the backend to export |
| Required | Yes |
| Multi-Valued | No |
-b {branchDN}
--includeBranch {branchDN}
| Description | Base DN of a branch to include in the LDIF export |
| Required | No |
| Multi-Valued | Yes |
-B {branchDN}
--excludeBranch {branchDN}
| Description | Base DN of a branch to exclude from the LDIF export |
| Required | No |
| Multi-Valued | Yes |
-i {attribute}
--includeAttribute {attribute}
| Description | Attribute to include in the LDIF export |
| Required | No |
| Multi-Valued | Yes |
-e {attribute}
--excludeAttribute {attribute}
| Description | Attribute to exclude from the LDIF export |
| Required | No |
| Multi-Valued | Yes |
-I {filter}
--includeFilter {filter}
| Description | Filter to identify entries to include in the LDIF export |
| Required | No |
| Multi-Valued | Yes |
-E {filter}
--excludeFilter {filter}
| Description | Filter to identify entries to exclude from the LDIF export |
| Required | No |
| Multi-Valued | Yes |
-O
--excludeOperational
| Description | Exclude operational attributes from the LDIF export |
-R
--excludeReplication
| Description | Exclude replication related attributes and entries from the LDIF export |
-S
--excludeSoftDelete
| Description | Exclude soft delete entries from the LDIF export |
--wrapColumn {wrapColumn}
| Description | Column at which to wrap long lines (0 for no wrapping) |
| Lower Bound | 0 |
| Default Value | 0 |
| Required | No |
| Multi-Valued | No |
-c
--compress
| Description | Compress the LDIF data as it is exported using gzip compression |
-y
--encryptLDIF
| Description | Encrypt the LDIF data as it is exported. This option may only be used when running as a task |
-s
--sign
| Description | Sign the contents of the LDIF file. This option may only be used when running as a task |
--logFilePath {logFilePath}
| Description | Echo the console output to the specified log file, instead of the default ' |
| Required | No |
| Multi-Valued | No |