Re: migrating users to openldap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Fri, Oct 29, 2010 at 10:15:32AM -0400, Adam Tauno Williams wrote:

> On Fri, 2010-10-29 at 09:00 -0400, Tim Dunphy wrote: 
> > I noticed that when I migrated my users with the migrate_passwd.pl
> > tool from PADL it didn't migrate the actual passwords (just the rest
> > of the posixAccount info). I think I need to set the EXTENDED_SCHEMA
> > variable and then try running the tool again. does anyone know what
> > this should be?
> >  I actually thought there might be a migrate_shadow.pl tool that could
> > accomplish this, but there doesn't appear to be anything like that
> > among the PADL migration tools.

I wonder if you did it as root.  If not, it doesn't include the
passwords.  (That is, the script will run as regular user, but will not
include passwords.)


> 
> I'd *strongly* recommend *not* using the PADL migration scripts.
> Morphing your system data into LDAP is pretty simple if you are familiar
> with any scripting language.  You should carefully think through what
> you want in the DSA and how you want it represented, then make the LDIF
> files accordingly.

I would have argued that two years ago, but I've come to the conclusion
that this is true. I might use it to create a sample ldif when I forget
some syntax, but I find myself using the padl scripts less and less.
This is not to say that (IMNSKO, not so knowledgeable--the rest I'm sure
you folks  know), they're bad per se, just that as one gets more
experienced, there are better ways of doing it. 

> 
> See
> <http://mosg.googlegroups.com/web/LDAP102.pdf?gda=OkhSRj0AAABGYSQZGnP1p0-ZaG58b_-Dpp2Ky__YopapPAxAcIb5YKjfyxwalkQMu975yVukqHflNv--OykrTYJH3lVGu2Z5> for some simple example (slides 27 - 29)
> 
Excellent link, thank you, even though I'm not the OP.

-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

Kendra: I call it Mr. Pointy.
Buffy: You named your stake?
Kendra: Yes.
Buffy: Remind me to get you a stuffed animal.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux