On Feb 7, 2008, at 4:33 PM, Rich Megginson wrote:

> Chris Waltham wrote:
>> * why can't I import the Sun schema if that's what I want to do?
> You should be able to do that. It's really odd that Sun defined
> schema is in 99user.ldif - that file is reserved solely for user
> defined schema added via LDAP. You'll have to post the errors here
> so we can address the issues.

I did one better: I simply copied the entire config/schema/ directory from the Sun box to the Fedora box, and tried to restart Fedora DS. I got some non-fatal errors:

[root at hebron slapd-hebron]# /etc/init.d/dirsrv start
Starting dirsrv: hebron...[07/Feb/2008:16:41:00 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed
[07/Feb/2008:16:41:00 -0500] - Entry "cn=PAM Pass Through Auth,cn=plugins,cn=config" has unknown object class "pamConfig"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed
[ OK ]

That gave me some hope, so then I tried to import my database from an LDAP. FWIW, this is how I generated the LDIF on the Sun box:

db2ldif 'o=Bowdoin College, c=US'

Then I just tried this in Fedora:

/usr/lib/dirsrv/slapd-hebron/ldif2db -s 'o=Bowdoin College, c=US' -i /path/to/dumpfile.ldif

And I got the following errors:

importing data ...
[07/Feb/2008:16:41:08 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed
[07/Feb/2008:16:41:08 -0500] - Entry "cn=PAM Pass Through Auth,cn=plugins,cn=config" has unknown object class "pamConfig"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed
[07/Feb/2008:16:41:08 -0500] - ERROR 2: There is no backend instance to import to.

To be honest, I am a little confused at the relationship between instances and backends. From what I can see, Sun includes the following instances: userRoot, internetdb, pab and netscapeRoot (and possibly others?). But, I only have one suffix that I need, which is o=Bowdoin College, c=US.

Chris

>
>> * if I can't import the Sun schema, is there an easy way of
>> stripping out the Sun attributes from a 10,000-user LDIF file?
> If you are a Perl hacker, you could use Mozilla perldap (included
> with the fedora ds software) or Net::LDAP (probably bundled with
> your linux OS perl distribution). If you prefer python, python-ldap
> also has an LDIF parser.
>>
>> Thanks,
>>
>>
>> Chris
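
An added example, not part of the original thread and not code from either poster: one way to strip unwanted attributes and objectClass values from an LDIF export before import, using only the Python standard library rather than the parsers named above. The function names, the exampleVendor* attribute and class names, and the sample entry are all assumptions constructed for illustration; the real list of names to drop has to come from the source server's schema.

```python
import base64

def unfold(text):
    """Join RFC 2849 folded lines and drop comment lines."""
    out, in_comment = [], False
    for raw in text.splitlines():
        if raw.startswith(" "):            # continuation of the previous line
            if not in_comment and out:
                out[-1] += raw[1:]
            continue
        in_comment = raw.startswith("#")
        if not in_comment:
            out.append(raw)
    return out

def strip_ldif(text, drop_attrs, drop_classes):
    """Return LDIF text without the named attributes and objectClass values."""
    drop_attrs = {a.lower() for a in drop_attrs}
    drop_classes = {c.lower() for c in drop_classes}
    kept = []
    for line in unfold(text):
        name, _, rest = line.partition(":")
        attr = name.split(";")[0].lower()  # ignore options such as ;lang-en
        if attr in drop_attrs:
            continue
        if attr == "objectclass":
            if rest.startswith(":"):       # "::" marks a base64 value
                value = base64.b64decode(rest[1:]).decode("utf-8", "replace")
            else:
                value = rest
            if value.strip().lower() in drop_classes:
                continue
        kept.append(line)                  # written unfolded, which LDIF allows
    return "\n".join(kept) + "\n"

# Constructed sample entry; every exampleVendor* name is a placeholder.
SAMPLE = "\n".join([
    "version: 1", "",
    "dn: uid=jdoe,ou=People,o=Example Org,c=US",
    "objectClass: top",
    "objectClass: inetOrgPerson",
    "objectClass: exampleVendorPerson",
    "uid: jdoe",
    "exampleVendorFlag:: dHJ1ZQ==",
    "exampleVendorNote: a long value that has been",
    "  folded onto a second line",
    "mail: jdoe@example.org", ""])

if __name__ == "__main__":
    print(strip_ldif(SAMPLE, ["exampleVendorFlag", "exampleVendorNote"],
                     ["exampleVendorPerson"]), end="")
```

Unfolding before filtering matters: a dropped attribute's continuation lines would otherwise survive and corrupt the entry that follows.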