On Tue, Feb 24, 2009 at 12:38 PM, Thorsten Scherf <tscherf@xxxxxxxxxx> wrote: > On [Mon, 23.02.2009 13:42], Diaa Radwan wrote: >> >> On Thu, Feb 19, 2009 at 11:16 PM, Thorsten Scherf <tscherf@xxxxxxxxxx> >> wrote: >>> >>> Wondering if somebody recently did a migration from OpenLDAP to FDS and >>> is willing to share experiences. >>> >> >> I have migrated from openldap to fds, I have passed all the following >> steps : >> >> - Fix the my ldif data since there was hundreds of records have no >> missing object class, as there was no enforcing schema checking set on ol >> - Migrate our custom schema. >> - Migrate the acls to aci (this was tough) > > yeah, thats the intersting part here. Have you done the migration > of ACIs manually? Yeah, AFAIK the only way to migrate ol acl to aci is doing them manually, it is easy once you have figured out who have access on which part. as more of the time when you have many access rules, it became harder to migrate the file. I had 60 access rule on acl file translated to 19 aci. I could have them less than 19 but I decided to add aci on deeper leafs. Check this link on redhat doc. it will help you to migrate whatever service you are running now to aci, http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control-Access_Control_Usage_Examples.html Once you have done the migration, life would go easier and easier for you. -- Diaa Radwan http://www.fossology.net -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
