Re: [osol-help] passwd to ldap

Mon, 17 Sep 2007 09:29:44 -0700 

On Mon, Sep 17, 2007 at 11:47:13AM -0300, Artur Baruchi wrote:

> I'm installing the LDAP, and I would like to know if exist a tool or a
> script to migrate my users (from the shadow file and passwd file) to
> my ldap database.
> 
> If it exists, can someone send me more information about it.

Your LDAP server software might include one; check with your vendor.
Some of the proprietary packages offer a bunch of integrated migration
utilities.  Otherwise, it's very easy to write something yourself -
here's a simple script for migrating traditional passwd / yppasswd
output to LDIF (import with ldapadd(1)).  You could easily adjust it
to read the shadow file as well.  Note that some LDAP servers
(iPlanet/Sun DS is one of them) have some additional account
management features that you might want to take a look at if you're
actually using the other fields in /etc/shadow.

#! /usr/bin/perl

use warnings;
use strict;

my $SUFFIX = "dc=example,dc=com";

if (@ARGV < 1) {
        die("usage: $0 passwd-file\n");
}

if (!open(PWD, "<$ARGV[0]")) {
        die("Coudln't open '$ARGV[0]' for reading: $!\n");
}

while (<PWD>) {
        chomp;
        my ($username, $passwd, $uid, $gid, $gecos, $dir, $shell) = split ':';
        next if ($uid < 100);

        print "dn: uid=$username,ou=People,$SUFFIX\n";
        print "objectClass: top\n";
        print "objectClass: posixAccount\n";
        print "objectClass: shadowAccount\n";
        print "objectClass: person\n";
        print "objectClass: organizationalPerson\n";
        print "objectClass: inetOrgPerson\n";
        print "uid: $username\n";

        $passwd = "*LK*" if ($passwd eq "");

        print "userPassword: {CRYPT}$passwd\n";
        print "uidNumber: $uid\n";
        print "gidNumber: $gid\n";
        print "gecos: $gecos\n";
        print "homeDirectory: $dir\n";
        print "loginShell: $shell\n";
        print "cn: $username\n";
        print "cn: $gecos\n";

        my @names = split /\s+/, $gecos;
        my $sn = [EMAIL PROTECTED] - 1];
        my $gn = $names[0];

        if (@names > 1) {
                if (@names > 2) {
                        print "cn: $gn $sn\n";
                }
                print "givenName: " . $names[0] . "\n";
                print "sn: " . [EMAIL PROTECTED] - 1] . "\n";
        }

        print "shadowlastchange: -1\n";
        print "shadowmin: -1\n";
        print "shadowmax: -1\n";
        print "shadowwarning: -1\n";
        print "shadowinactive: -1\n";
        print "shadowexpire: -1\n";
        print "shadowflag: -1\n";
        print "description: $gecos\n\n";
}

-- 
Keith M Wesolowski              "Sir, we're surrounded!" 
FishWorks                       "Excellent; we can attack in any direction!" 
_______________________________________________
opensolaris-help mailing list
[email protected]

Reply via email to