DXdumpdb Tool -- Export Data from a Datastore to an LDIF File

Use the DXdumpdb tool to export data from a datastore to an LDIF file.
Use the DXdumpdb tool to export data from a datastore to an LDIF file.
Usage notes
  • The DXdumpdb tool supports export of ldif files with encrypted attributes. 
    • If there are any sensitive attributes mentioned in the db file, then you are prompted to provide the passphrase. When you provide the passphrase, the sensitive attributes are encrypted and written to the LDIF file.
      An encrypted ldif file will contain two key value pairs, namely,  "Key" and "Attributes" that are commented out. These values should not be modified or deleted as any such activity will restrict decryption of data and may lead to permanent data loss.
    • If you select to encrypt an RDN attribute, then the value of that attribute is not encrypted in the DN, however, the value gets encrypted in the entry. 
  • For a list of the status codes returned by all the DXtools commands, including this command, see Exit Status Codes for the DXtools.
This command has the following format:
dxdumpdb options DSA
    • options
      Denotes one or more of the following options:
    • -f
      Specifies the file to receive the exported data. If this option is not specified, the output goes to standard output or the screen.
    • -i
      Includes the listed attributes in the dump file.
      The attributes specified with the -i option must include the naming attributes. If the attributes are not specified, then the tool does not dump the entries. In addition, the must-contain attributes must also be specified if the output is intended to be used with DXloaddb again.
      -vRuns in verbose mode. This option switches on error and status tracing. For the -v option to work, you must also specify the -f option.
    • -j Comma separated list of include objectClasses
      When dumping to LDIF, the LDIF file only contains entries that contain *exactly* the object classes listed.
    • -y Comma separated list of exclude objectClasses
      When dumping to LDIF, entries that contain any object class in this list will not be included in the LDIF file.
    • -x
      Excludes the listed attributes from the dump file.
      You should not exclude attributes that form part of the DN.
    • -z
      Specifies that DXdumpdb dumps from the copy of the datastore that is produced by the console command dump dxgrid-db.
    • DSA
      Defines the DSA. DXdumpdb looks in the configuration files of this DSA to find the datastore to export to an LDIF file.
    • -p
      (Optional) Specifies the passphrase that is used to  encrypt sensitive attributes. This passphrase must be at least eight characters long and can contain space. If the passphrase is not specified as a command-line option, the dumpdb tool prompts for a passphrase when encrypted data is being exported.
    • -c
      Exports all the encrypted attributes from the db file into the ldif file in plain text.
      Use of option "-p" must be avoided when option "-c" is in use.
Example: Extract Democorp Data to Screen
The following example prints the LDIF format data from the datastore of the
DSA to the screen:
dxdumpdb democorp
Examples: Extract Democorp Data to a file specifying attributes
dxdumpdb -f dump.ldif -i cn,title democorp
This command fails because the naming attribute ou is missing.
dxdumpdb -f dump.ldif -i cn,ou,title democorp
This command works,  but the output cannot be loaded back into democorp with DXloaddb because the must-contain
attribute is missing.
dxdumpdb -f dump.ldif -i sn,cn,ou,title democorp
This command works and the generated output file can be loaded into democorp again because the output file contains all the name attributes and must-contain attributes.
Example: Extract Democorp Data Containing Specific Object Classes
The following example prints the LDIF format data from the datastore of democorp, including only entries containing the inetOrgPerson objectClass.
dxdumpdb –j inetOrgPerson,top,person,organizationalPerson democorp
The super classes of inetOrgPerson that are stored with the entry must be included.