Wednesday, June 7, 2017

[389-users] Migration from OpenLDAP to 389 DS

Hi,

I'm completely new in LDAP and I have one task to do. Task is migration from OpenLDAP to 389 DS.
I have installed 389 and now I try to import schema from OpenLDAP. First I create export of schema from OpenLDAP.

config.ldif is done with command: slapcat -F /opt/ldap/mn/slapd.d/ -b "cn=config" > conf.ldif
itnetmanager.ldif is done via java LDAP Browser.

Then I try to convert this ldif files with scripts at http://www.port389.org/docs/389ds/scripts.html, but I did not succeed.
Can someone help me, how can I convert ldif files from OpenLDAP, that be useful for import to 389 DS?

Here are few rows from both file:

itnetmanager_schema_export.ldif
dn: cn={12}itnetmanager, cn=schema, cn=config
olcObjectClasses: {0} ( 1.3.6.1.4.1.1332.1000.30.1 NAME 'itPrepaidPinSub' DES
C 'IskratelprepaidPinSub' MUST ( itPrepaidPin $ itDirectoryNumber ) )
olcObjectClasses: {1} ( 1.3.6.1.4.1.1332.1000.30.2 NAME 'itPrepaidCgPNSub' DE
SC 'IskratelprepaidCgPNSub' MUST ( itCgPN $ itDirectoryNumber ) )
olcObjectClasses: {2} ( 1.3.6.1.4.1.1332.1000.30.3 NAME 'itPrepaidSubAccount'
DESC 'IskratelprepaidSubAccount' MUST ( itDirectoryNumber $ itAccountStatus
$ itAccountBalance $ itDateOfLastUsed $ itDateOfExpiry $ itLanguageCode $ i
tUnsucRechargeAtt $ itStatGroupId $ itPrepaidSetId))
olcObjectClasses: {3} ( 1.3.6.1.4.1.1332.1000.30.4 NAME 'itPrepaidSet' DESC '
IskratelprepaidSet' MUST ( itPrepaidSetId $ itPrepaidSetName $ itWelcomeMsgM
ode $ itLanguageMode $ itCbMode $ itRechargeAuth $ itLockAuth $ itRrReqMode
$ itMaxCallAtt $ itMaxRechargeAtt $ itSimultCallsAuth $ itLowBalanceWarn $ i
tNearExpiryWarn $ itNegAccBalance $ itMaxAccBalance $ itSuspensionDur $ itMi
nCallDur $ itLowBalanceValue1 $ itLowBalanceValue2 $ itCnPNDisplayMode $ itP
repaidSubsType $ itAvailDurMsgAuth $ itAccBalMsgAuth $ itOrgChargeCode $ itV
alidityTime ))
...
olcAttributeTypes: {262} ( 1.3.6.1.4.1.1332.1000.10.266 NAME ('itDefaultPolic
yProfile') DESC 'Is User Policy Default' EQUALITY booleanMatch SUBSTR caseIg
noreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
olcAttributeTypes: {263} ( 1.3.6.1.4.1.1332.1000.10.267 NAME ('itPasswordHist
ory') DESC 'User Password History' EQUALITY caseIgnoreMatch SUBSTR caseIgnor
eSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
objectClass: olcSchemaConfig
cn: {12}itnetmanager



config.ldif
dn: cn=config
olcLogLevel: 0
olcConnMaxPending: 100
olcConcurrency: 0
olcWriteTimeout: 0
olcArgsFile: /var/run/openldap/slapd_mn.args
olcIndexSubstrAnyStep: 2
olcSockbufMaxIncoming: 262143
olcTLSCertificateKeyFile: /opt/ldap/mn/certs/password
objectClass: olcGlobal
olcIndexIntLen: 4
olcConnMaxPendingAuth: 1000
olcTLSCertificateFile: "OpenLDAP Server"
cn: config
olcIndexSubstrIfMinLen: 2
olcAttributeOptions: lang-
olcPidFile: /var/run/openldap/slapd_mn.pid
olcConfigDir: /opt/ldap/mn/slapd.d/
olcReverseLookup: FALSE
olcGentleHUP: FALSE
olcTLSCACertificatePath: /opt/ldap/mn/certs
olcReadOnly: FALSE
olcTLSVerifyClient: never
olcThreads: 16
olcIndexSubstrAnyLen: 4
olcToolThreads: 1
olcSockbufMaxIncomingAuth: 16777215
olcIdleTimeout: 0
olcSaslSecProps: noplain,noanonymous
olcConfigFile: /opt/ldap/mn/slapd.conf
olcAuthzPolicy: none
olcIndexSubstrIfMaxLen: 4
olcAllows: bind_v2
olcLocalSSF: 71

dn: cn=schema, cn=config
olcObjectClasses: ( 2.5.6.0 NAME 'top' DESC 'top of the superclass chain' ABS
TRACT MUST objectClass )
olcObjectClasses: ( 1.3.6.1.4.1.1466.101.120.111 NAME 'extensibleObject' DESC
'RFC4512: extensible object' SUP top AUXILIARY )
olcObjectClasses: ( 2.5.6.1 NAME 'alias' DESC 'RFC4512: an alias' SUP top STR
UCTURAL MUST aliasedObjectName )
...
olcAccess: {2}to attrs=itPasswordFtp by group/groupOfUniqueNames/uniqueMembe
r.exact="cn=adminrole,ou=group,l=Kranj,c=SI" write by * none
olcAccess: {3}to attrs=itPasswordDb by group/groupOfUniqueNames/uniqueMember
.exact="cn=adminrole,ou=group,l=Kranj,c=SI" write by * none
olcDbConfig: {0}# Set location for txn log files
olcDbConfig: {1}set_lg_dir /opt/ldap/mn/ldapDB
olcDbConfig: {2}# Set cache size 20MB
olcDbConfig: {3}set_cachesize 0 20971520 0
olcDbConfig: {4}set_lg_regionmax 262144
olcDbConfig: {5}set_lg_bsize 2097152
olcDbConfig: {6}# Automatically remove log files that are no longer needed.
olcDbConfig: {7}set_flags DB_LOG_AUTOREMOVE
olcDbConfig: {8}# Just use these settings when doing slapadd...
olcDbConfig: {9}# set_flags DB_TXN_NOSYNC
olcDbIDLcacheSize: 0
objectClass: olcDatabaseConfig
objectClass: olcBdbConfig
olcDbShmKey: 0
olcMaxDerefDepth: 10
olcLastMod: TRUE
olcDbCacheFree: 5
olcDbCacheSize: 150000
olcDbDirtyRead: FALSE
olcReadOnly: FALSE
olcDbSearchStack: 16
olcDatabase: {2}bdb
olcDbDNcacheSize: 0
olcRootPW: {MD5}tGVcx24Qek2C4rq4tk32Wg==
olcDbCheckpoint: 10 1
olcRootDN: cn=ldapadmin,l=Kranj,c=SI
olcDbDirectory: /opt/ldap/mn/ldapDB
olcSizeLimit: 150000

Thank you!
br,rtmktl
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)