From: Maciej Milewski
To: freebsd-questions@freebsd.org
Cc: Tim Dunphy
Date: Wed, 13 Oct 2010 17:37:09 +0200
Subject: Re: migrating to openldap
Message-Id: <201010131737.09756.milu@dat.pl>

On Wednesday 13 October 2010 16:08:35, Tim Dunphy wrote:
> Hello,
>
> I am attempting to migrate my local user setup to openldap under
> FreeBSD 8.1. My server is currently running nicely.
>
> At the moment, sudoers is imported into openldap-server24. But
> services that authenticate through PAM (such as su and ssh) are
> currently not working.
>
> I notice that the CentOS version of openldap24 has a really nice set
> of perl scripts suited to this purpose.
>
> So I rsynced them over to my BSD box in the hopes of using them.
>
> LBSD2# ls
> README                          migrate_group.pl
> migrate_aliases.pl              migrate_hosts.pl
> migrate_all_netinfo_offline.sh  migrate_netgroup.pl
> migrate_all_netinfo_online.sh   migrate_netgroup_byhost.pl
> migrate_all_nis_offline.sh      migrate_netgroup_byuser.pl
> migrate_all_nis_online.sh       migrate_networks.pl
> migrate_all_nisplus_offline.sh  migrate_passwd.pl
> migrate_all_nisplus_online.sh   migrate_profile.pl
> migrate_all_offline.sh          migrate_protocols.pl
> migrate_all_online.sh           migrate_rpc.pl
> migrate_automount.pl            migrate_services.pl
> migrate_base.pl                 migrate_slapd_conf.pl
> migrate_common.ph               migration-tools.txt
> migrate_fstab.pl
>
> What one needs to do is set an environment variable for your base DN
> and then run the scripts.
>
> LBSD2# echo $DEFAULT_BASE
> dc=summitnjhome,dc=com
>
>
> LBSD2# ./migrate_base.pl > /home/bluethundr/txt/base.ldif
>
> But for some reason the scripts running under BSD don't see the base
> dn that I set, whereas when I run them under CentOS they do.
>
> Now, I could edit the resulting file by hand, but that isn't a very
> practical solution. Does anyone know if there are either existing
> FreeBSD versions of these migration scripts or have a tip for helping
> me get these to run under FreeBSD?
>
> Thanks!!!

The migrationtools page[1] says this about $DEFAULT_BASE:

    The naming suffix to use in entries' distinguished names. If
    undefined, this will be constructed by mapping the mail domain name
    into a distinguished name (eg aceindustry.com becomes
    dc=aceindustry,dc=com). You may override this with the LDAP_BASEDN
    environment variable.

Have you tried that?

[1] http://www.padl.com/OSS/MigrationTools.html

-- 
Maciej Milewski