Hi Sean! On Tue, 02 Feb 2010, Sean Carolan wrote: > >> Any suggestions for migrating accounts from /etc/shadow into the LDAP > >> database? ?I tried this LdapImport perl script but it threw a bunch of > >> errors and ultimately failed: > > > > At the time I did the initial import here, I put together a really ugly > > shell script that used a few cuts, greps and/or seds against the passwd > > and shadow files to build an LDIF, and then dumped it in with an > > ldapmodify command. > > > > It's actually easier than it sounds once you're familiar with the > > posixAccount schema and which passwd attribute maps to which LDAP > > attribute. > > I only have eight or ten users who need accounts initially, we may > just have them enter their passwords by hand... > > Incidentally I did try the openldap migrate_all_online.sh script that > is recommended here: > > http://directory.fedoraproject.org/wiki/Howto:MigrateToLDAP > > But it failed with a SASL error. I suppose that might be due to my > not having ssl setup? If you got a SASL error, chances are it used the ldap[add|modify] from OpenLDAP (which is generally what you'll get if you don't specifiy a full path), If you can find where it's calling it, add "-x" to the parameters, or point it at the ldap[add|modify] provided with 389.
