Chris Waltham wrote:
It would probably be better to only copy the files not already in the Fedora DS schema directory e.g. pseudocodeOn Feb 7, 2008, at 4:33 PM, Rich Megginson wrote:Chris Waltham wrote:You should be able to do that. It's really odd that Sun defined schema is in 99user.ldif - that file is reserved solely for user defined schema added via LDAP. You'll have to post the errors here so we can address the issues.* why can't I import the Sun schema if that's what I want to do?I did one better: I simply copied the entire config/schema/ directory from the Sun box to the Fedora box, and tried to restart Fedora DS.
for file in sun/config/schema/*.ldif name=`basename $file` if [ ! -f /etc/dirsrv/slapd-instancename/schema/$name ] ; then cp $file /etc/dirsrv/slapd-instancename/schema/$name fi doneBecause the Fedora DS schema has changed someone. For starters, our new 00core.ldif contains only the very core essential schema required to start the server - the non-essential schema has been moved to 01common.ldif. Their 00core.ldif probably still contains everything. So if you overwrite the fedora ds 00core.ldif with theirs, chaos will ensue.
You might try the migrate-ds-admin.pl script. It might be able to handle the Sun data. Use -o /opt/iplanet or whatever they use for their server root directory.I got some non-fatal errors: [root@hebron slapd-hebron]# /etc/init.d/dirsrv start Starting dirsrv:hebron...[07/Feb/2008:16:41:00 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed [07/Feb/2008:16:41:00 -0500] - Entry "cn=PAM Pass Through Auth,cn=plugins,cn=config" has unknown object class "pamConfig" [07/Feb/2008:16:41:00 -0500] - Entry "cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:00 -0500] - Entry "cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:00 -0500] - Entry "cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:00 -0500] - Entry "cn=uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:00 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed[ OK ]That gave me some hope, so then I tried to import my database from an LDAP. FWIW, this is how I generated the LDIF on the Sun box:db2ldif 'o=Bowdoin College, c=US' Then I just tried this in Fedora:/usr/lib/dirsrv/slapd-hebron/ldif2db -s 'o=Bowdoin College, c=US' -i /path/to/dumpfile.ldifAnd I got the following errors: importing data ...[07/Feb/2008:16:41:08 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed [07/Feb/2008:16:41:08 -0500] - Entry "cn=PAM Pass Through Auth,cn=plugins,cn=config" has unknown object class "pamConfig" [07/Feb/2008:16:41:08 -0500] - Entry "cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:08 -0500] - Entry "cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:08 -0500] - Entry "cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:08 -0500] - Entry "cn=uid mapping,cn=mapping,cn=sasl,cn=config" has unknown object class "nsSaslMapping" [07/Feb/2008:16:41:08 -0500] - Entry "cn=SNMP,cn=config" -- attribute "nssnmpname" not allowed [07/Feb/2008:16:41:08 -0500] - ERROR 2: There is no backend instance to import to.To be honest, I am a little confused at the relationship between instances and backends. From what I can see, Sun includes the following instances: userRoot, internetdb, pab and netscapeRoot (and possibly others?). But, I only have one suffix that I need, which is o=Bowdoin College, c=US.
If migration does not work, then you will at least have to create a database and configure a suffix for o=Bowdoin College, c=US See - http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Configuring_Directory_Databases.html
Chris* if I can't import the Sun schema, is there an easy way of stripping out the Sun attributes from a 10,000-user LDIF file?If you are a Perl hacker, you could use Mozilla perldap (included with the fedora ds software) or Net::LDAP (probably bundled with your linux OS perl distribution). If you prefer python, python-ldap also has an LDIF parser.Thanks, Chris-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
