How to delete unwanted entries from the CA IDM Directory
search cancel

How to delete unwanted entries from the CA IDM Directory


Article ID: 220540


Updated On:


CA Identity Manager CA Identity Suite CA Directory


Some entries have been created with "special characters" that are not recognized by IM and are causing search issues. We would like to remove those entries from the directory. 



Release : 14.x

Component : IdentityMinder(Identity Manager)


CA Identity Manager (IM) 14.x is running with CA directory 14.x as the userstore.  


When groups are created in bulk using the dx commands, some non-ascii characters have been fed into the system by mistake.


As the characters are UTF-8 or base64 encoded when they are dumped into LDIF file they appear in an encoded format.

For example:

dn:: sdfsfkoporhqmamsdf=


cn:: jnhiuwapmds01=

Having dumped the data (dxdumpdb) the next action is to identify and remove the erroneous entries from LDIF and then reload it (dxloaddb).  However, we strongly recommend testing the import against the test directory before overwriting production data.

For example:

a) Remove all erroneous entries from LDIF (e.g. name it removed.ldif)
b) dxserver stop test
c) dxemptydb test
d) dxloaddb test removed.ldif
e) dxserver start test
f) Connect via JXplorer and review the results.