[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-developers] Migration of LDAP Accounts from 0.9.14 to 0.9.
From: |
Philipp Kamps |
Subject: |
[Phpgroupware-developers] Migration of LDAP Accounts from 0.9.14 to 0.9.16 |
Date: |
Wed, 07 Apr 2004 15:45:00 +0200 |
Hi,
this text explains a step-by-step migration from old (0.9.14)
LDAP Accounts to the new version of LDAP Accounts/Groups (0.9.16).
This text is not perfect and I'm happy to include feedback.
Cheers, fips
==========
1. Make a backup of your existing LDAP
- Make sure you are 'root'
- Stop your LDAP server
>/etc/init.d/slapd stop (debian)
- Locate your LDAP repository directory and make a backup
>tar cvzf ~/ldap_bak.tar.gz /var/lib/ldap
- Restart your LDAP server
>/etc/init.d/slapd start
2. Get all accounts/groups for the phpgw 0.9.14 in your LDAP
- Search for all phpgw accounts
-h <ldaphost>
-D <bindDN>
(you don't need this one if you allow anonymous access
to your LDAP)
-x simple bind
-W ask for password
(you don't need this one if you allow anonymous access
to your LDAP)
-b <baseDN> of your basedn with the phpgw accounts
>ldapsearch -h localhost -D cn=Manager,dc=yourdomain,dc=yourcountry
-x -W -b ou=accounts,dc=yourdomain,dc=yourcountry
"(&(objectclass=phpgwAccount)(phpgwAccountType=u))" >
~/phpgwAccounts.ldif
- Search for all phpgw groups
Just change the 'u' to 'g' and the target file in the command:
>ldapsearch -h localhost -D cn=Manager,dc=yourdomain,dc=yourcountry
-x -W -b ou=accounts,dc=yourdomain,dc=yourcountry
"(&(objectclass=phpgwAccount)(phpgwAccountType=g))" > ~/phpgwGroups.ldif
3. Delete all old 0.9.14 LDAP entries.
- The easiest way to delete these entries is to use the gq
application to delete the hole baseDN for your phpgw accounts and
groups; and to only recreate this baseDN again.
- Make sure you delete all addressbook entries in your LDAP as well.
The new contact backend doesn't allow LDAP as a repository.
Sorry for that.
4. Change LDAP schema
- Once you have deleted all old phpgw 0.9.14 entries stop your
LDAP server again.
- Edit your LDAP server configuration file:
>vi /etc/ldap/slapd.conf (debian)
- Locate following line in the config file:
include /etc/openldap/schema/phpgwaccount.schema
- Change it to:
include /etc/openldap/schema/phpgroupware.schema
- Locate following line in the config file:
include /etc/openldap/schema/phpgwcontact.schema
- Remove this line
- Restart your LDAP server
5. Adapt your exported ldif file for accounts:
- Edit your exported phpgwAccounts.ldif file:
>vi ~/phpgwAccounts.ldif
- Each ldif entry (they are separated by a blank line)
must be altered either by hand or by search/replace
statements
- Make sure each ldif entry only have following
objectclasses:
objectClass: posixAccount
objectClass: account
objectClass: phpgwAccount
- Delete all lines with
phpgwAccountType:
at the beginning
- Replace following attributes:
phpgwAccountLastLogin: to (->) phpgwLastLogin:
phpgwAccountLastLoginFrom: -> phpgwLastLoginFrom:
- Add an additional attribute and give it the uidnumber value
phpgwAccountID: <uidnumber of this ldap entry>
- remove all line under following line:
# search result
6. Adapt your exported ldif file for groups:
- Make sure each ldif entry only have following
objectclasses:
objectClass: posixGroup
objectClass: phpgwGroup
- Delete all lines with
phpgw
userPassword:
at the beginning
- Add an additional attribute and give it the gidnumber value
phpgwGroupID: <gidnumber of this ldap entry>
- remove all line under following line:
# search result
7. Import your accounts/groups to ldap again
>ldapadd -h localhost -D cn=Manager,dc=yourdomain,dc=yourcountry -x
-W -f ~/phpgwGroups.ldif
>ldapadd -h localhost -D cn=Manager,dc=yourdomain,dc=yourcountry -x
-W -f ~/phpgwAccounts.ldif
- [Phpgroupware-developers] Migration of LDAP Accounts from 0.9.14 to 0.9.16,
Philipp Kamps <=