[ http://issues.apache.org/jira/browse/DIREVE-321?page=comments#action_12363018 ]
Emmanuel Lecharny commented on DIREVE-321: ------------------------------------------ We have to be really aware of how ldap could be use : for instance, as the centralized user/password authentication system on unix, as a replacement of the classic user/password based on /etc/passwd. You can read an encrypted version of a password, but you won't be able to 'know' this password. This is what I meant by my comment, which was not really clear. So, dumping the password in a ldif file might be an option, but I just wanted to point out the fact that we may have critical informations in it, that we would not want to expose. In a disaster recovery scenario, obvously, a backup is better. At least, if we use a ldif file, we could just skip the password, because users could always create a new one (this is a critical information, but we can loose it ;) So I really think that this tool is usefull, but I also think we should avoid to dump clear passwords. For encrypted ones, that's another question. wdyt ? > Need a dump tool to extract LDIF from JDBM database > --------------------------------------------------- > > Key: DIREVE-321 > URL: http://issues.apache.org/jira/browse/DIREVE-321 > Project: Directory Server > Type: New Feature > Reporter: Alex Karasulu > Assignee: Alex Karasulu > Priority: Critical > Fix For: 0.9.4 > > We're in need of a tool that dumps the contents of the jdbm database as an > LDIF. This tool is meant to be used if the server cannot start of the > database is corrupt for some reason. It should try its best to extract as > much data as it can from the database using the master table and the dn index. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
