To add to this:
I have gone into the DS 7.1 Directory Server Console on the Configuration
tab and drilled down to:
Data -
- o=CompanyA
-CompanyA = right click, export database
This creates the ldif file that looks like exactly what I need but the
import into the new 389 1.2.6 fails with:
ldapmodify -a -D "cn=Administrators" -W -f /tmp/companyA.ldif -p 389 -h
localhost
Enter LDAP Password:
adding new entry "o=CompanyA"
ldap_add: No such object (32)
Which makes sense.
Again, any assistance is greatly appreciated.
Herb
On Thu, Apr 10, 2014 at 5:51 PM, Herb Burnswell <[email protected]
> wrote:
> Thanks again for the reply Dustin. I think I'm a little over my head here.
> I have cleared out all the previous data from
> ou=CompanyA,dn=hq,dn=example,dn=com by going into the Directory Server
> console, selecting the 'Directory' tab and deleting and re-adding CompanyA
> under hq folder. I can connect to it via LDAPadmin, but as you can imagine,
> no data.
>
> Here's my confusion, the old LDAP implementation from which I need to import
> the data is Fedora DS 7.1 and the new LDAP implementation is 389 1.2.6. So,
> the old one is much older and is has a different 'structure'.
>
> In 7.1 in the Directory server console, Configuration tab, I have:
>
> Data -
>
> - o=NetscapeRoot
>
> - NetscapRoot
>
> - o=CompanyA
>
> - o=CompanyA
>
> In the 389 1.2.6 Directory server console, Configuration tab, I have:
>
> Data -
>
> - dc=hq,dc=example,dc=com
>
> - userRoot
>
> - o=netscaproot
>
> - NetscapRoot
>
> So, in DS 7.1 the top level is o=CompanyA
>
> In 389 1.2.6 the top level is ou=CompanyA,dn=hq,dn=example,dn=com
>
> The new 'top level' is what I'd like it to be but I need everything
> underneath these 'top levels' to be identical. My question is how can I
> import the DS 7.1 o=CompanyA into the 389 1.2.6
> ou=CompanyA,dn=hq,dn=example,dn=com?
>
>
> Hopefully I have not completely confused the situation here. I greatly
> appreciate any suggestions on how to get this working properly.
>
> TIA,
>
> Herb
>
>
>
>
> Dustin Rice:
>
> The better way would be using a tool on the OS that's like db2ldif
> (pretty sure most netscape LDAP deriviatives come with these).
>
> When you do a ldapsearch like that the server won't send along some
> fields (password being one of them). If you run the db2ldif it'll spit
> out an ldif file then you should be able to import it with something
> like ldif2db or just an ldapadd.
>
>
> Herb:
>
> Dustin thanks for the reply.
>
> I would need everything in:
>
> o=companyA *dc=hq,dc=example,dc=com*
>
> Everything appears to be imported as needed except the password issue. If I
> reset the passwords in the new implementation it's fine but that won't work
> with 100's of users.
>
> Is this:
>
> *ldapsearch -b "o=companyA" -D "dc=hq,dc=example,dc=com" -h **original_system
> > output.ldif*
>
> *an acceptable way of exporting everything including passwords for users or
> is there a better way?*
>
> *Thanks again,*
>
> *Herb *
>
>
> Dustin Rice:
>
> Well, schema would be like, the list of fields whereas it looks like you
>
> might be doing a dump/load of users/groups?
>
> On 04/10/2014 01:17 PM, Herb Burnswell wrote:
> >* All,
> *
> >>* I'm attempting to import an LDAP schema (is that the correct term?)
> *>* from one LDAP implementation to another and it appears that I may be
> *>* doing it incorrectly. I created a ldif file for import as:
> *>>* ldapsearch -b "o=companyA" -D "dc=hq,dc=example,dc=com" -h
> *>* original_system > output.ldif
> *>>* I then used the GUI in the new LDAP implementation to import the ldif
> *>* file. Everything seemed to work find as I have the entire tree but
> *>* there appears to be a problem with passwords.
> *>>* Am I missing the passwords for users with this export to ldif file?
> *>* What is the proper procedure to import all information from a schema
> *>* (is that the correct term?) to import into a new LDAP implementation?
> *>>* Thanks in advance for any assistance,
> *>>* Herb
> *>>
> >* --
> *>* 389 users mailing list
> *>* 389-users at lists.fedoraproject.org
> <https://admin.fedoraproject.org/mailman/listinfo/389-users>
> *>* https://admin.fedoraproject.org/mailman/listinfo/389-users
> <https://admin.fedoraproject.org/mailman/listinfo/389-users>*
>
>
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
