我很难将LDIF文件导入到ADAM / AD LDS中,并且错误在下面(实例types无效)。
我已经testing并从与之相关的错误中恢复
CN ,在ADAM中是“OU” contact更改为user 我的总体目标是将证书数据从ADDS移动到AD LDS,并将该只读LDS复制到世界。
我现在打了一堵墙,卡住了,无法将证书导入到实例中。 为了确保我做的事情在逻辑上正确,我正在做一个导出和导入,如下所示。
题
出口样品
命令行
PS C:\test> ldifde -f .\test.ldf -v -s 127.0.0.1 -d "DC= FreeSMIME, DC=COM" Connecting to "127.0.0.1" Logging in as current user using SSPI Exporting directory to file .\maker.ldf Searching for entries... Writing out entries .... SNIP ... Exporting entry: CN=test12,OU=Users,DC=FreeSMIME,DC=com 9 entries exported
test.ldf的内容
dn: CN=test12,OU=Users,DC=FreeSMIME,DC=com changetype: add objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: test12 distinguishedName: CN=test12,OU=Users,DC=FreeSMIME,DC=com instanceType: 4 whenCreated: 20140706175425.0Z whenChanged: 20140706175425.0Z uSNCreated: 13981 uSNChanged: 13981 name: test12 objectGUID:: FGuCH4ep+0yvXyXIGZnw6Q== badPwdCount: 0 badPasswordTime: 0 pwdLastSet: 130491428650358040 objectSid:: AQUAAB/DvlvT9kQDKv5c3yyu4EqPUic3jHkmDg== objectCategory: CN=Person,CN=Schema,CN=Configuration,CN={EBB3EB07-5375-4D67-B774-42E7D82935A8} dSCorePropagationData: 16010101000000.0Z msDS-UserAccountDisabled: TRUE
导入示例
命令行
PS C:\ test> ldifde -i -k -f。\ maker.ldf -v -s 127.0.0.1连接到“127.0.0.1”使用SSPI以当前用户身份login从文件“。\ maker.ldf”中导入目录加载条目1:DC = FreeSMIME,DC = com
从第1行开始添加错误:不愿执行服务器端错误是:0x2079指定的实例types无效。 扩展的服务器错误是:00002079:SvcErr:DSID-033309B0,问题5003(WILL_NOT_PERFORM),数据0
0条目修改成功。 程序中发生错误没有写入日志文件。 为了生成日志文件,请通过-j选项指定日志文件path。
maker.ldf的内容
dn: [email protected],OU=Users,DC=FreeSMIME,DC=com changetype: add objectClass: top objectClass: person objectClass: organizationalPerson objectClass: user cn: [email protected] userCertificate:: MIIFUTCCBDmgAwIBAgITHwAAADzW+zggKBd9dQABAAAAPDANBgkqhkiG9w0BAQUFADB0MQswCQYDVQ QGEwJ1czEVMBMGA1UEChMMQml0Y2xlYXIgTExDMRYwFAYDVQQLEw1FbWFpbCBQcml2YWN5MRYwFAYD VQQDEw1GcmVlU01JTUUuY29tMR4wHAYDVQQDExVTZWN1cmUgSXNzdWVyIDAxYS0wMDEwHhcNMTQwNz A2MDQyNDQyWhcNMTUwMTAyMDQyNDQyWjCBgzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMQwwCgYD VQQHEwNOWUMxEzARBgNVBAsTClRlY2hub2xvZ3kxHjAcBgNVBAMMFW1ha2Vyb2Z0aGluZ3M3QG1lLm NvbTEkMCIGCSqGSIb3DQEJARYVbWFrZXJvZnRoaW5nczdAbWUuY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAymz3YPRVAE2i1X7XmmrBk+SmsH1FAyYEhNkKpDn6R+1Za8n5OC4UseQwCs HoM/PtZ50JYViPW1+qBykehkH4LylCkp5OIjZbodedcIL+ucDHh1PITNChp8C5fQWYmfiUofWF8ztA yGJNriy9VO30JFq9xexnif7i04kxdd151/BjOW5FEGOrpZJajoLkQycfbtdexxrKvGbSNsZZ4dwKVy uxRcXXwgT9p8wa51uMGMBdpFsKTRkmFl8nvx1zRdcGfl7CkKLCRmZkoCPP+vgyqGUtO+bYxSP6vc0t hZ7efXOkoDQWMfj/EHcKGWJgGm4B+l4SG9Pfkujr+Miw1CxHvwIDAQABo4IByjCCAcYwPQYJKwYBBA GCNxUHBDAwLgYmKwYBBAGCNxUIgq30IYfppWqGlZ8EhYL3L4GCyxkhhZLlIIb5vHACAWQCAQ4wEwYD VR0lBAwwCgYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgUgMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQ UHAwQwRAYJKoZIhvcNAQkPBDcwNTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAcGBSsO AwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBSruXcob9eIxbsorVGMF6m+w7LACTAfBgNVHSMEGDAWgB TaxAaP6+QX4fmgA8d0h36ZY/fwRjBNBgNVHR8ERjBEMEKgQKA+hjxodHRwOi8vcGtpLmJpdGNsZWFy LnVzL2kwMWEvU2VjdXJlJTIwSXNzdWVyJTIwMDFhLTAwMSgxKS5jcmwwbgYIKwYBBQUHAQEEYjBgMF 4GCCsGAQUFBzAChlJodHRwOi8vcGtpLmJpdGNsZWFyLnVzL2kwMWEvYS5Jc3N1ZTAxLmJpdGNsZWFy LnVzX1NlY3VyZSUyMElzc3VlciUyMDAxYS0wMDEoMSkuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQA/6K tRc0Nq5hdJouyTMNMUju+DW2Px2gVfAx6h7UWdG76FVJ14CuTCuS0zLngmO102eeTo9//ZOKE5UcdP JmlegIam0ne8uNELInIY8HancU5fW34O+Jxa/ZqOMzXiHyKwTC4dwBsgP0TjHQsnYzSIAM/pB7fpBw FYUeqcz3XmsjbasQazCotCuAXIIPaqW2hC7KbEXDCaCdLAWWQ8erd+CeNmmclP5GXi2ZvxVDOW8l/F nGRQSrMTkZz4Rc2jS9w6VlGBMR+GXPQ9rJmxSl89WLATsejYFbDwbM5nKGJfpTZVf1SYnKGb9ficVu eHeuwv1fGAV4s9zHSCsk33EElS distinguishedName: [email protected],CN=Users,DC=FreeSMIME,DC=com instanceType: 4 name: [email protected] objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=FreeSMIME,DC=com mail: [email protected]
我能够通过删除行来修复导入文件:
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=FreeSMIME,DC=com