Joshua Daniel Franklin wrote:
We are using LDAP for login and automount, currently with the
openldap-servers rpm. I'm assuming that the eventual plan is to
migrate Fedora and Red Hat Enterprise Linux to the Fedora
Directory Server, though this may not happen until FC5 and
perhaps RHEL 5 or 6.
I am curious what the migration path will look like. I assume
that I can just do an LFIF dump and then import, but has
anyone tried it?
First, make sure your migrate your schema. If you don't have any custom
schema, and are using standard LDAP objectclasses like inetOrgPerson,
shadowAccount, account, groupOfUniqueNames, etc. then you probably don't
have to do this.
Next step is configuration. You need to configure Fedora DS with your
suffix config, database config (if any), replication, etc.
SSL is a special case. While OpenLDAP uses OpenSSL, Fedora DS uses
Mozilla NSS as the security provider. There will be some work involved
in exporting your server certificate in a format that NSS can
understand, but some combination of the openssl and NSS certutil should
Then, just export your data from OpenLDAP and import into Fedora DS.
I'd also be very interested to know whether any of the
management tools will work with openldap--right now all I use
is the Java LDAPbrowser which is very minimal.
Fedora-directory-users mailing list