migrating to openldap
Maciej Milewski
milu at dat.pl
Wed Oct 13 15:37:04 UTC 2010
On Wednesday 13 October 2010 16:08:35, Tim Dunphy wrote:
> Hello,
>
> I am attempting to migrate my local user setup to openldap under
> FreeBSD 8.1. My server is currently running nicely.
>
> At the moment, sudoers is imported into openldap-server24. But
> services that authenticate through PAM (such as su and ssh) are
> currently not working.
>
> I notice that the CentOS version of openldap24 has a really nice set
> of perl scripts suited to this purpose.
>
> So I rsynced them over to my BSD box in the hopes of using them.
>
> LBSD2# ls
> README migrate_group.pl
> migrate_aliases.pl migrate_hosts.pl
> migrate_all_netinfo_offline.sh migrate_netgroup.pl
> migrate_all_netinfo_online.sh migrate_netgroup_byhost.pl
> migrate_all_nis_offline.sh migrate_netgroup_byuser.pl
> migrate_all_nis_online.sh migrate_networks.pl
> migrate_all_nisplus_offline.sh migrate_passwd.pl
> migrate_all_nisplus_online.sh migrate_profile.pl
> migrate_all_offline.sh migrate_protocols.pl
> migrate_all_online.sh migrate_rpc.pl
> migrate_automount.pl migrate_services.pl
> migrate_base.pl migrate_slapd_conf.pl
> migrate_common.ph migration-tools.txt
> migrate_fstab.pl
>
> What one needs to do is set an environment variable for your base DN
> and then run the scripts.
>
> LBSD2# echo $DEFAULT_BASE
> dc=summitnjhome,dc=com
>
>
> LBSD2# ./migrate_base.pl > /home/bluethundr/txt/base.ldif
>
> But for some reason the scripts running under BSD don't see the base
> DN that I set, whereas when I run them under CentOS they do.
>
> Now, I could edit the resulting file by hand, but that isn't a very
> practical solution. Does anyone know if there are either existing
> FreeBSD versions of these migration scripts or have a tip for helping
> me get these to run under FreeBSD?
>
> Thanks!!!
The migrationtools page[1] says this about $DEFAULT_BASE:

  The naming suffix to use in entries' distinguished names. If undefined, this
  will be constructed by mapping the mail domain name into a distinguished name
  (eg aceindustry.com becomes dc=aceindustry,dc=com). You may override this with
  the LDAP_BASEDN environment variable.

Have you tried that?

[1] http://www.padl.com/OSS/MigrationTools.html
--
Maciej Milewski
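
Added example, not part of the original thread and not MigrationTools code: a POSIX sh illustration of the precedence the quoted documentation describes (LDAP_BASEDN from the environment, otherwise a DN derived from the mail domain), plus a check that a variable actually reaches child processes. The function names domain_to_dn, resolve_base_dn and child_sees are hypothetical; the sample values are the ones quoted in the thread.

```shell
#!/bin/sh
# Added illustration; helper names are hypothetical, not from MigrationTools.

# Map a mail domain to a naming suffix: aceindustry.com -> dc=aceindustry,dc=com
# (plain DNS labels assumed; no escaping of special DN characters is done).
domain_to_dn() {
    printf '%s\n' "$1" | sed -e 's/\.$//' -e 's/^/dc=/' -e 's/\./,dc=/g'
}

# Return 0 if the variable named $1 is present in a child's environment.
# env(1) is itself a child process, so it lists exported variables only.
child_sees() {
    env | grep -q "^$1="
}

# Base DN a child script would end up with: LDAP_BASEDN if it is exported
# and non-empty, otherwise the DN built from the mail domain in $1.
resolve_base_dn() {
    from_env=$(sh -c 'printf "%s" "${LDAP_BASEDN:-}"')
    if [ -n "$from_env" ]; then
        printf '%s\n' "$from_env"
    else
        domain_to_dn "$1"
    fi
}

# Demonstration in a subshell so the caller's environment is left untouched.
(
    unset LDAP_BASEDN
    LDAP_BASEDN='dc=summitnjhome,dc=com'      # assigned but not exported
    child_sees LDAP_BASEDN || echo "LDAP_BASEDN is not visible to child processes"
    echo "child would use: $(resolve_base_dn aceindustry.com)"

    export LDAP_BASEDN                        # now part of the environment
    child_sees LDAP_BASEDN && echo "LDAP_BASEDN is exported"
    echo "child would use: $(resolve_base_dn aceindustry.com)"
)
```

In csh and tcsh, `set` creates a shell-only variable and `setenv` places it in the environment.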