I noticed that when I migrated my users with the migrate_passwd.pl tool from PADL it didn't migrate the actual passwords (just the rest of the posixAccount info). I think I need to set the EXTENDED_SCHEMA variable and then try running the tool again. does anyone know what this should be?
$EXTENDED_SCHEMA = 1;
I actually thought there might be a migrate_shadow.pl tool that could accomplish this, but there doesn't appear to be anything like that among the PADL migration tools.
Correct, just the migrate_passwd.pl script.
So in short the user info is there in LDAP but no one can log in because all the password fields look like this: userPassword: {crypt}*
That's a result when there is no password set for the user to be migrated (see man 5 shadow).
Here is a more complete user entry that is currently in the system:
73 uid=bluethundr,ou=summitnjops,ou=staff,dc=summitnjhome,dc=com uid: bluethundr cn: Timothy P. givenName: Timothy P. sn: Dunphy objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount loginShell: /usr/local/bin/bash uidNumber: 1001 gidNumber: 1002 homeDirectory: /home/bluethundr gecos: Timothy P. userPassword: {crypt}*
The PADL script blindly uses {crypt}, although the password encryption mechanism may be very different.
thanks in advance for any tips you can share that will get this working!
Alexander