On Thu, 2016-03-03 at 01:33 +0100, wodel youchi wrote: > Hi, > > We're planning the migration from openldap to 389DS, > we did some tests, and we have some problems with users passwords migration. > > We found this article in 389DS's website > http://directory.fedoraproject.org/docs/389ds/design/password-migration-design. > html > > Is this implemented or not yet or completely abandoned? > > the Pass through plugin worked, but we didn't find the "password migration > mode option" to catch the passwords. > If your users passwords are stored in a hash format that 389 can understand, you should be able to take an ldif of the openldap directory and apply it directly to 389-ds If you plan to run both in sync for some time, that may not be possible. I had a look at the pass through auth code, and it doesn't look like the code to write back hashes is in there (unless I missed something) I've created a ticket to develop this feature, but I can not guarantee a time span on when it will be complete I am sorry. https://fedorahosted.org/389/ticket/48753 -- Sincerely, William Brown Software Engineer Red Hat, Brisbane
Attachment:
signature.asc
Description: This is a digitally signed message part
-- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
