LDIFDE를 사용하여 마이그레이션 이후 클린업 작업 수행하기
???? : Using LDIFDE to Perform Post-Migration Clean-up Tasks
?????? ???(Rusty)???. Ldifde.exe? ????(export)? ????(import) ??? ???? ??? ??? ??? ????? ???.
?? ??? ??? ????? ????? ??????? ?? ?? ??? ???? ?? ??, ??? ??? ????? ????? ???? ??? ? ? ?? ?? ??????. PIN? ??? ?? "Access Denied"? ??????.
???? ???? ??, ??? ????? ??????. ??????? ???? AD ???? ??? ????? ? ?? ??? ???? ?? Security Identity Mapping GUI? ?? ?? ????? ????. ??? ?????, 12,000 ??? ???? ?????. ??? ???? ??? ?????.
ADMT? userCertificate ??? attributeCertificateAttribute? ?????? ?? ?? ??? ????. ??? ?? API? ADMT? X.509 ?? ??? ??? ?? altSecurityIdentities ??? ??????? ?? ?? ????.
X.509 ?? ?? ?? = ??? ?? ?? ??
??? ???? 12,000 ??? ???? ?? altSecurityIdentities ??? ???? ???? ?? ???? ??? ?????.
Active Directory?? ?? ???? ? ???? ??? ??? (Step-by-Step Guide to Bulk Import and Export to Active Directory)
https://technet.microsoft.com/en-us/library/bb727091.aspx
????, "list of attributes"?? ??? ??? 'ldifde.exe export'? ??????. ??? ??? ????? ??? ???? ??? ? ?? ???. ??? -l ??? ???? altSecurityIdentities ??? ????, ???? DN(distinguished name)? ??? ??? ??? ??????.
Ldifde ?d “DC=fabrikam,DC=Com” ?r “(objectCategory=user)” ?p Subtree ?l altSecurityIdentities ?f oldDomainUsers.ldf
l -d ?? ?? ?? ? ? ???, fabrikam.com ???.
l -r ldap ?? ??? ??, ???? ??? ?????.
l -p ???? ?? ??, ????? ?? ?? fabrikam.com? ?? ?? ?????.
l -l ???? ???? ?? ??? ??, ? ??? ? ???? altSecurityIdentities ?????.
l -f ???? ??? ?? ??? ??
?? ???? LDIFDE ???? ??? ??? ?? ?????? ???? ?? ???(altSecurityIndentities ??? ?? ???)? ???? ???? ??????.
dn: CN=CraigsUsername,CN=Users,DC=fabrikam,DC=Com
changetype: modify
replace: altSecurityIdentities
altSecurityIdentities:
X509:<I>C=XX,O=XX. XXXXX,OU=XXX,OU=PKI,CN=Certificate CLASS 3 CA-5<S>C=XX,O=XX
XX,OU=XXX,OU=PKI,OU=User'sOU,CN=Username.Craig.SomeNumericValue
-
dn: CN=NedsUsername,CN=Users,DC=fabrikam,DC=com
changetype: modify
replace: altSecurityIdentities
altSecurityIdentities:
X509:<I>C=XX,O=XX. XXXXX,OU=XXX,OU=PKI,CN=Certificate CLASS 3 CA-5<S>C=XX,O=XX
XX,OU=XXX,OU=PKI,OU=User'sOU,CN=Username.Ned.SomeNumericValue
-
changetype: modify operations ??? "-"? ???? ???? ?? ?????. ??? ? ??? ??? ??? ???.
?? : ?? ??? ??? ????? ?????? ?? ?? ?? ????? ??? ???? ??? ?? ????? ?????, ? 3? ????? ???? ???. ??? ??? ??? ?? ??? ??? ????, ??? ?????. (Designing a Public Key Infrastructure in the Windows Server 2003 Deployment Guide) ADMT 3.1 ??? ?? ??? ??, ???, ??? ???? ????? ?????? ?? ??? ?? ????.
? ??? ldifde.exe? ?? ??? ?? ???? ???? ????. MS ??? ?? ??? ?????? csvde.exe? ?? ??? ??? ?? ?????.
- Russell “Spaniard” Despain