Pre-Report: Importing user data using hash codes from /etc/shadow
Hi there,
this is not an entire report or HOWTO yet, but rather a notice what we have
been doing, so people planning similar tasks could ask...
We migrated from an old school server and basically want to re-use some 850
user accounts.
First approach was to use some scipt by "Barbarossa" which directly puts the
data from passwd, shadow etc. into the ldap. This works well, but in our case
the given UIDs (which are imported as well with that script) had been corrupt
in terms of duplicate IDs. As a result, some 100 users got lost. Additionally
(though minor) drawback of this approach: The default settings from /etc/skel
had not been created for any user.
New approach: Adapt Andreas' wlus module for file import in a way that instead
of plain passwords the hash codes from shadow, samba and unix (?) can be
stated. This provided thorough understanding of the wlus perl scripts - here
I have to name Patrick's engagement, who promised to give his own report if
all testing is over.
Not being verymuch into perl, here I can only tell that it is necessary to
have a semicolon separated values table containing user's login name, full
name, authority group [teachers|students], three different hash codes,
classes / courses the person belongs to.
We now removed all users but root from ldap with some dirty commandline hack.
Only later we realized that by this also the machine_accounts$ were
removed,so we have to re-join the domain from each Win Client. On a TX150
(2,8 GHz /1 GB) it took about 0.5 secs per user. Then we imported our user
data. This takes increasingly time per user - 0.5 secs in the beginning, then
5 - 10 secs per user and more! (On a VMWare installation it didn't slow down
that much!)
Two more little hacks had been done to some perl functions in the script to
allow hyphans ('-') and more than 8 letters within user names.
Now, if you have to cope similar problems, feel free to ask :)
Regards
Ralf
Reply to: