How to delete Entries in OID 11g in Bulk – Delete Failed : Ldap Error Code 66 Not allowed on Non-Leaf

Entries in LDAP Server (OID) are stored in tree like structure. You can delete an entry OID 11g using ODSM but if you try to delete an entry which contains sub-entry then you will get error message like “LDAP Error Code 66 Not allowed on Non-Leaf ” (11.1.1.4 and lower) . You should first delete lowest level of tree (leaf) and then go all the way up to delete entries via ODSM. What if you have approx. 10/15 levels for an entry or wish to delete entries in OID in Bulk (all users/groups or subset of users/groups) ?

Simple answer is bulkdelete which is LDAP command. In this post I am going to show how to delete entries OID 11g in bulk or recursively

1. Set Environment Variable ORACLE_HOME and ORACLE_INSTANCE for OID 11g

export ORACLE_HOME=/u01/oracle/fmw/Oracle_IDM1
export ORACLE_INSTANCE=/u01/oracle/fmw/asinst_1

2. Shutdown OID using OPMNCTL  (OID should be down during bulkdelete or entry caching should be disabled)

$ORACLE_INSTANCE/bin/opmnctl stopall

3. Run bulkdelete with entry which you want to delete in OID (command will delete all child entry under that)

$ORACLE_HOME/ldap/bin/bulkdelete connect=connect_string {[basedn=Base_DN] | [file=file_name]}

$ORACLE_HOME/ldap/bin/bulkdelete connect=oiddb basedn=”ou=service,cn=users,dc=mydomain,dc=co,dc=uk” (Here oiddb is TNS name defined by default in $ORACLE_INSTANCE/network )

Provide ODS schema password when prompted

You should see output like XXX Entries have been deleted

b) If you want to delete multiple entries (under different location in one go) then create a file delete.ldif with entry like

ou=user1,cn=users,dc=mydomain,dc=co,dc=uk
ou=user2,cn=users,dc=mydomain,dc=co,dc=uk
cn=group1,cn=groups,dc=mydomain,dc=co,dc=uk

Here “ou=user1,cn=users,dc=mydomain,dc=co,dc=uk” is Distinguished Name (DN) of entry which you wish to delete (Change DC as per your OID setup)

and run
$ORACLE_HOME/ldap/bin/bulkdelete connect=oiddb file=delete.ldif

Provide ODS schema password when prompted

You should see output like XXX Entries have been deleted

4. Start OID, $ORACLE_INSTANCE/bin/opmnctl startall

.

References

About the Author Masroof Ahmad

Leave a Comment:

3 comments
Add Your Reply