Backup ObjectSid
For a disaster recovery issue it might be necessary to have a backup of all objectsSids for users and computers.
Here is a simple script to create a ldif file that is ready to import and replace existing objectsids.
Since computers have an objectclass of user setting the filter to “(&(objectclass=user)(objectsid=*))” will return all users and computers with an objectsid. The base can be set to the domain name context (ex: dc=domain,dc=com) if this is ran from a DSfW server other wise use the standard context in eDir (ex: o=novell) assuming this is a name mapped install and the context does not use dc objectclass.
#!/bin/bash
ldapsearch -x -LLL -H ldaps://localhost:636 -D cn=admin,o=novell -W -b “o=novell” -s sub “(&(objectclass=user)(objectsid=*))” dn objectsid|sed s[objectsid[‘changetype:modify\nreplace:objectsid\nobjectsid'[g | grep -v ^# > Objectsids_restore.ldif
exit 0