Our Active directory source has changed, where LDAP path pointing to a DC has been decommissioned. When I edit path it created a new entry. I cannot remove decommissioned path since there are user added from AD and cannot add same users in the new path because it already has user from non-existing path.
1) Yes, this will move any user that is curently using LDAP connection "1" or what ever the IDN for the LDAP is) to your new ldap. LDAP queries is resolved in my previous email.
2) Locate the APM_LDAP_SERVER table in your LDMS Database and note the APM_LDAP_SERVER_IDN of your current LDAP connection. Lets say that it is "1".
3) Create the new LDAP connection. DO NOT delete the old one yet.
4) Now go back to your database to the APM_LDAP_SERVER table and note the APM_LDAP_SERVER_IDN of your new LDAP connection. Lets say it is "2".
Now execute the following SQL staement;
update ConsoleUser set APM_LDAP_SERVER_IDN = '2' where APM_LDAP_SERVER_IDN = '1'
**Make sure to change out the values of 1 & 2 to your actual LDAP values.**
5) This will move all of your users and all of their settings to your new LDAP connection.
Here are the statements that will change the LDAP queries as well;
update apm_policy_query set ldap_server_dbid = '2' where ldap_server_dbid = '1'
update apm_policy_query set queryroot = 'newLDAPname' where queryroot = 'oldLDAPname'\
**Make sure you swap out the 2 & 1 for the same values you found for the consoleuser statements I gave you, and replace the "oldLDAPname" and "newLDAPname" with the correct values.
Also, check your ld_ldap_targets table in your DB and tell me if you have anything in there with values in the ldap_source_Idn column that match the values from the consoleuser table. If you do, you will also need to run the following statement;
update ld_ldap_targets set ldap_source_Idn = '2' where ldap_source_Idn = '1'
**Make sure you swap out the 2 & 1 for the corresponding values
6) Running this will go pretty quick. It will depend on the # of users that you have in your DB. Running it after hours is probably not necessary, but is a good idea if you can wait. I would also backup the Database before you make any changes.