migrating to openldap

Maciej Milewski milu at dat.pl
Wed Oct 13 15:37:04 UTC 2010


On Wednesday 13 October 2010 16:08:35, Tim Dunphy wrote:
> Hello,
> 
>  I am attempting to migrate my local user setup to openldap under
> FreeBSD 8.1. My server is currently running nicely.
> 
>  At the moment, sudoers is imported into openldap-server24. But
> services that authenticate through PAM (such as su and ssh) are
> currently not working.
> 
>  I notice that the CentOS version of openldap24 has a really nice set
> of perl scripts suited to this purpose.
> 
>  So I rsynced them over to my BSD box in the hopes of using them.
> 
>  LBSD2# ls
> README				migrate_group.pl
> migrate_aliases.pl		migrate_hosts.pl
> migrate_all_netinfo_offline.sh	migrate_netgroup.pl
> migrate_all_netinfo_online.sh	migrate_netgroup_byhost.pl
> migrate_all_nis_offline.sh	migrate_netgroup_byuser.pl
> migrate_all_nis_online.sh	migrate_networks.pl
> migrate_all_nisplus_offline.sh	migrate_passwd.pl
> migrate_all_nisplus_online.sh	migrate_profile.pl
> migrate_all_offline.sh		migrate_protocols.pl
> migrate_all_online.sh		migrate_rpc.pl
> migrate_automount.pl		migrate_services.pl
> migrate_base.pl			migrate_slapd_conf.pl
> migrate_common.ph		migration-tools.txt
> migrate_fstab.pl
> 
> What one needs to do is set an environment variable for your base DN
> and then run the scripts.
> 
> LBSD2# echo $DEFAULT_BASE
> dc=summitnjhome,dc=com
> 
> 
> LBSD2# ./migrate_base.pl > /home/bluethundr/txt/base.ldif
> 
> But for some reason the scripts running under BSD don't see the base
> DN that I set, whereas when I run them under CentOS they do.
> 
>  Now, I could edit the resulting file by hand, but that isn't a very
> practical solution. Does anyone know if there are either existing
> FreeBSD versions of these migration scripts or have a tip for helping
> me get these to run under FreeBSD?
> 
> Thanks!!!

The migrationtools page[1] says this about $DEFAULT_BASE:

  The naming suffix to use in entries' distinguished names. If undefined,
  this will be constructed by mapping the mail domain name into a
  distinguished name (eg aceindustry.com becomes dc=aceindustry,dc=com).
  You may override this with the LDAP_BASEDN environment variable.

Have you tried that?

[1] http://www.padl.com/OSS/MigrationTools.html

-- 
Maciej Milewski
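
Added example (not part of the original message and not MigrationTools code): a POSIX sh model of the rule quoted above, where an exported LDAP_BASEDN wins and otherwise the mail domain is mapped to dc= components. The function names are hypothetical, and the thread does not confirm that a missing export was the cause of the problem; the example only shows that a variable set in the shell but not exported never reaches a child process.

```sh
#!/bin/sh
# Added example: models the base-DN rule quoted above. Not MigrationTools code.

# Map a mail domain to a dc= suffix: aceindustry.com -> dc=aceindustry,dc=com
domain_to_dn() {
    rest=$1
    dn=
    while [ -n "$rest" ]; do
        label=${rest%%.*}
        case $rest in
            *.*) rest=${rest#*.} ;;
            *)   rest= ;;
        esac
        # Skip empty labels (trailing dot, "a..b") so no bare "dc=" is emitted.
        if [ -n "$label" ]; then
            dn="${dn:+$dn,}dc=$label"
        fi
    done
    printf '%s\n' "$dn"
}

# Base DN a child process would end up with. LDAP_BASEDN is read inside a
# child sh, so only an exported value counts, as it would for a perl script.
resolve_base_dn() {
    override=$(sh -c 'printf %s "${LDAP_BASEDN-}"')
    if [ -n "$override" ]; then
        printf '%s\n' "$override"
    else
        domain_to_dn "$1"
    fi
}

demo() {
    unset LDAP_BASEDN
    LDAP_BASEDN='dc=summitnjhome,dc=com'      # shell variable, not exported
    echo "not exported: $(resolve_base_dn aceindustry.com)"
    export LDAP_BASEDN                        # csh/tcsh: setenv LDAP_BASEDN ...
    echo "exported:     $(resolve_base_dn aceindustry.com)"
}
demo
```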

