-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 15/04/14 08:32, Herb Burnswell wrote: > I just wanted to bump this inquiry. > > Is this a unique issue? Is there a way to export/import below > the: > > o=CompanyA ou=CompanyA,dn=hq,dn=example,dn=com > > Level to avoid the inconsistency? The easiest way to do this is to filter the ldif file through an editor such as sed. $ sed 's/o=CompanyA/ou=CompanyA,dn=hq,dn=example,dn=com/' <export.ldif > import.ldif There may be some subtleties, but this should work. cheers > Please let me know if I'm thinking about this incorrectly... > > TIA, > > Herb > > > > > On Thu, Apr 10, 2014 at 6:06 PM, Herb Burnswell > <herbert.burnswell@xxxxxxxxx <mailto:herbert.burnswell@xxxxxxxxx>> > wrote: > > To add to this: > > I have gone into the DS 7.1 Directory Server Console on the > Configuration tab and drilled down to: > > Data - - o=CompanyA -CompanyA = right click, export database > > This creates the ldif file that looks like exactly what I need but > the import into the new 389 1.2.6 fails with: > > ldapmodify -a -D "cn=Administrators" -W -f /tmp/companyA.ldif -p > 389 -h localhost Enter LDAP Password: adding new entry > "o=CompanyA" ldap_add: No such object (32) > > Which makes sense. > > Again, any assistance is greatly appreciated. > > Herb > > > On Thu, Apr 10, 2014 at 5:51 PM, Herb Burnswell > <herbert.burnswell@xxxxxxxxx <mailto:herbert.burnswell@xxxxxxxxx>> > wrote: > > Thanks again for the reply Dustin. I think I'm a little over my > head here. I have cleared out all the previous data from > ou=CompanyA,dn=hq,dn=example,dn=com by going into the Directory > Server console, selecting the 'Directory' tab and deleting and > re-adding CompanyA under hq folder. I can connect to it via > LDAPadmin, but as you can imagine, no data. > > > > > Here's my confusion, the old LDAP implementation from which I need > to import the data is Fedora DS 7.1 and the new LDAP implementation > is 389 1.2.6. So, the old one is much older and is has a different > 'structure'. > > > > > In 7.1 in the Directory server console, Configuration tab, I have: > > Data - > > - o=NetscapeRoot > > - NetscapRoot > > - o=CompanyA > > - o=CompanyA > > In the 389 1.2.6 Directory server console, Configuration tab, I > have: > > Data - > > > > > - dc=hq,dc=example,dc=com > > - userRoot > > - o=netscaproot > > - NetscapRoot > > So, in DS 7.1 the top level is o=CompanyA > > In 389 1.2.6 the top level is ou=CompanyA,dn=hq,dn=example,dn=com > > The new 'top level' is what I'd like it to be but I need everything > underneath these 'top levels' to be identical. My question is how > can I import the DS 7.1 o=CompanyA into the 389 1.2.6 > ou=CompanyA,dn=hq,dn=example,dn=com? > > > > > > Hopefully I have not completely confused the situation here. I > greatly appreciate any suggestions on how to get this working > properly. > > > > > TIA, > > Herb > > > > > Dustin Rice: > > The better way would be using a tool on the OS that's like db2ldif > (pretty sure most netscape LDAP deriviatives come with these). > > When you do a ldapsearch like that the server won't send along some > fields (password being one of them). If you run the db2ldif it'll > spit out an ldif file then you should be able to import it with > something like ldif2db or just an ldapadd. > > > Herb: > > Dustin thanks for the reply. > > I would need everything in: > > o=companyA /dc=hq,dc=example,dc=com/ > > Everything appears to be imported as needed except the password > issue. If I reset the passwords in the new implementation it's > fine but that won't work with 100's of users. > > Is this: > > /ldapsearch -b "o=companyA" -D "dc=hq,dc=example,dc=com" -h > //original_system > output.ldif/ > > /an acceptable way of exporting everything including passwords for > users or is there a better way?/ > > /Thanks again,/ > > > > > > /Herb / > > > Dustin Rice: > > Well, schema would be like, the list of fields whereas it looks > like you > > might be doing a dump/load of users/groups? > > On 04/10/2014 01:17 PM, Herb Burnswell wrote: >> / All, > / >> //>/I'm attempting to import an LDAP schema (is that the > correct term?) />/from one LDAP implementation to another and it > appears that I may be />/doing it incorrectly. I created a ldif > file for import as: />//>/ldapsearch -b "o=companyA" -D > "dc=hq,dc=example,dc=com" -h />/original_system > output.ldif > />//>/I then used the GUI in the new LDAP implementation to import > the ldif />/file. Everything seemed to work find as I have the > entire tree but />/there appears to be a problem with passwords. > />//>/Am I missing the passwords for users with this export to ldif > file? />/What is the proper procedure to import all information > from a schema />/(is that the correct term?) to import into a new > LDAP implementation? />//>/Thanks in advance for any assistance, > />//>/Herb />//>// >> / -- > />/ 389 users mailing list />/ 389-users at lists.fedoraproject.org > <https://admin.fedoraproject.org/mailman/listinfo/389-users> />/ > https://admin.fedoraproject.org/mailman/listinfo/389-users/ > > > > > > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > - -- Dr Robin Garner Technology Services Southern Cross University P: +61 2 6620 3281 M: +61 418 619 500 http://cs.anu.edu.au/people/robin.garner/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTbEVNAAoJEHm9xBvoMhva5EEH/R7SwkaVBNCnVmkSrLrNurZ/ 3moRoa9mz5GMZgoszpeyAbFgn1RZ/oLwkBuExRn02Lmamzu0BJRV4xBaqrHR/vX4 gano9w9fiisFzT/tJqQFYzWmqMjGXcJQ+CxKQrSZMH23tLbKIap4EQWsaKcEfvnL x1Pw/paHvwqyNUefMUc2l7gkMJCgsNNifeJuHdGim5WcFD/DGpxmCBMfYUXpYJEX GFZGyUyQyW45ZpA5BYGN6feiqLo9AipR8/Kn33gw07ouuLYl0FCoG4FqrSnZa+mP cghtxmTDcJNBepGHP0jkpQn8gI1rJw01oR5Qo8EYdMvI46O1x+qIsmpfbXB+bjQ= =66PR -----END PGP SIGNATURE----- -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
