On Fri, Oct 29, 2010 at 10:15:32AM -0400, Adam Tauno Williams wrote:
On Fri, 2010-10-29 at 09:00 -0400, Tim Dunphy wrote:
I noticed that when I migrated my users with the migrate_passwd.pl tool from PADL it didn't migrate the actual passwords (just the rest of the posixAccount info). I think I need to set the EXTENDED_SCHEMA variable and then try running the tool again. does anyone know what this should be? I actually thought there might be a migrate_shadow.pl tool that could accomplish this, but there doesn't appear to be anything like that among the PADL migration tools.
I wonder if you did it as root. If not, it doesn't include the passwords. (That is, the script will run as regular user, but will not include passwords.)
I'd *strongly* recommend *not* using the PADL migration scripts. Morphing your system data into LDAP is pretty simple if you are familiar with any scripting language. You should carefully think through what you want in the DSA and how you want it represented, then make the LDIF files accordingly.
I would have argued that two years ago, but I've come to the conclusion that this is true. I might use it to create a sample ldif when I forget some syntax, but I find myself using the padl scripts less and less. This is not to say that (IMNSKO, not so knowledgeable--the rest I'm sure you folks know), they're bad per se, just that as one gets more experienced, there are better ways of doing it.
See http://mosg.googlegroups.com/web/LDAP102.pdf?gda=OkhSRj0AAABGYSQZGnP1p0-ZaG58b_-Dpp2Ky__YopapPAxAcIb5YKjfyxwalkQMu975yVukqHflNv--OykrTYJH3lVGu2Z5 for some simple example (slides 27 - 29)
Excellent link, thank you, even though I'm not the OP.