[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ldap/lwat test

Bjarne Nielsen wrote:
På Wed, 15 Aug 2007 04:40:02 +0200, skrev nigel barker <tech@hiroshima-is.ac.jp>:

I would like to know the solution when you find it. When you are successful, would you mind writing a howto for transferring users from a skolelinux 2 tjener to a new skolelinux 3 tjener?



Don't know if you have some machine to test on, but here is what I have done so far. You should only use this for testing purposes.

This is not necessarily the right way, and may cause errors for what I know, but this worked fine for me:

Backup the old ldap:

# mkdir /var/backups/ldif
# /etc/init.d/slapd stop
# /etc/init.d/nscd stop
# /usr/sbin/slapcat -l /var/backups/ldif/ldifbackup.ldif
# /etc/init.d/slapd start
# /etc/init.d/nscd start

You shold now have a ldif backup in /var/backups/ldif/ Copy this to some removeable storage device. Then bring the ldif file to your newly installed server. The rest is done after installing DebianEdu 3.0.

Since I had done some testing with ldap, I moved away everything in ldap with:

# rm -rf /var/lib/ldap/*

Then got a fresh and clean ldap:

# ldap-debian-edu-install

When I tried to add my ldif file, the users would not become members of groups already excisting, e.g. groups teachers and students. Since, as far as I know, you can not use lwat to add several users to a group at once, this would be quite timeconsuming. A workaround was to restart slapd and nscd, then use lwat to remove the groups teachers, students and machines, and then stop slapd and nscd again. I guess you could do this from commandline as well. This step should not be necessary, but maybe my ldif file is not corresponding to good with my new ldap.

Then I added my ldif file using slapadd:

# slapadd -v -c -l ldifbackup.ldif -f /etc/ldap/slapd.conf

Then i did restart slapd and nscd.

# getent passwd

returns all my users

# getent group |grep teach

returns all the teachers in school correctly.

Windows (samba) machines works mostly still, but there seems to be some issues. Sometimes they can't get in touch with ldapserver. I have not investigated this any further.

Good luck
Bjarne Nielsen

Sounds like a good ide for a howto wiki dokument. perhaps you could add it to http://wiki.debian.org/DebianEdu/HowTo/MigrateLdapFrom2.0 then others that test the same procedure can help fine tune the documentation or if you want it as part of the official documentation package it could be added to http://wiki.skolelinux.no/DebianEdu/Documentation/Etch/HowTo


Reply to: