On Fri, Jul 13, 2007, Paul J Stevens <[EMAIL PROTECTED]> said: > Geir Voll Nielsen wrote: >> >> Hi, >> >> I am currently investigating the possibilty to migrate all user >> information from mysql to ldap (and then authenticate against ldap). Is >> it possible to do such a migration? Has anybody done it? >> > > > Yep. No real problems. Only caveat: what encoding type are your > passwords? If they are crypt or plaintext you can insert them into ldap > as-is. > > Also, creating users in ldap will most likely use different uidNumber > values than you currently have as user_idnr in dbmail_users. So after > you create an ldap user, you must make sure the user_idnr in the sql > table is updated to match the uidNumber in ldap.
That's in fact the crucial issue. Both the username and the user_idnr must match between the sql and the ldap. When a new user is created in ldap, a shadow user is created in sql with the same name and user_idnr. You can't just update the dbmail_users table to change the user_idnr because the foreign keys in the mailboxes table will cause the user's mailboxes to be detached and then removed. What you'll need to do is write a script that generates an ldif file from the dbmail_users table, then load that ldif file into the ldap server. It'll probably take a few tries before you can log in, but the good news (and I just re-read the code, so I think I have this right) is that we won't let you log in until both the password and the username-user_idnr pairs all match up with whatever is currently in the database. Good luck! Please post your script when you're done, I'm sure many people would be interested in seeing how to make this same transition. Aaron _______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
