[Fedora-directory-users] migration from openldap-servers?
Rich Megginson
rmeggins at redhat.com
Mon Jun 6 17:29:17 UTC 2005
Joshua Daniel Franklin wrote:
>Hello,
>
>We are using LDAP for login and automount, currently with the
>openldap-servers rpm. I'm assuming that the eventual plan is to
>migrate Fedora and Red Hat Enterprise Linux to the Fedora
>Directory Server, though this may not happen until FC5 and
>perhaps RHEL 5 or 6.
>
>
>I am curious what the migration path will look like. I assume
>that I can just do an LFIF dump and then import, but has
>anyone tried it?
>
>
First, make sure your migrate your schema. If you don't have any custom
schema, and are using standard LDAP objectclasses like inetOrgPerson,
shadowAccount, account, groupOfUniqueNames, etc. then you probably don't
have to do this.
Next step is configuration. You need to configure Fedora DS with your
suffix config, database config (if any), replication, etc.
SSL is a special case. While OpenLDAP uses OpenSSL, Fedora DS uses
Mozilla NSS as the security provider. There will be some work involved
in exporting your server certificate in a format that NSS can
understand, but some combination of the openssl and NSS certutil should
be sufficient.
Then, just export your data from OpenLDAP and import into Fedora DS.
>I'd also be very interested to know whether any of the
>management tools will work with openldap--right now all I use
>is the Java LDAPbrowser which is very minimal.
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20050606/89ebe576/attachment.bin>
More information about the Fedora-directory-users
mailing list