[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Active Directory to OpenLDAP





--On Donnerstag, 29. Mai 2003 16:10 -0700 Dave Snoopy <kingsnoopy7@yahoo.com> wrote:

For a simpler approach though, you might just want to
create a Perl script on your PDC and run it as admin,
which will dump all of your users and groups to a
file. You could then write a corresponding Perl script
to parse the file and turn it into an ldif file, which
you could use to insert the users into your LDAP
server.

Of course, obtaining the Windows passwords or password
hashes is not achievable using either of these
methods.

You can dump password hashes from Windows using pwdump2 <http://razor.bindview.com/tools/desc/pwdump2_readme.html>. These can then be used to authenticate simple binds using the lanman password scheme (--enable-lmpasswd).


A script to convert the pwdump output to ldif can be found at
<ftp://ftp.openldap.org/incoming/norbert.klasen-20001120.migrate_pwdump.pl>

Norbert