[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Migration ..... subtree wth passwd

To: "openLDAP-software list" <openldap-software@OpenLDAP.org>
Subject: Re: Migration ..... subtree wth passwd
From: "Sivasakthi d/o Sivagnanam" <sakthi@digicert.com.my>
Date: Wed, 2 Feb 2005 19:28:06 +0800
References: <002e01c5090d$f1539a20$9701a8c0@digicertsakhti> <bdb8a693e9d8daeba364e62ef6b3a56b@dataflake.org>

ok, sorry.

Oh, my second query.. i think i got the ans...... i did a slapcat and
checked the ldif file...the password is stored under attribute userPassword
...however in encrypted form.

however just to be sure, let me re-phrase the question with a proper example
since i brought it up in the first place:-
If my openldap tree structure is as per following with 3 main sub-tree o=A,
o=B and o=C:-
c=MY
    o=A
        cn=Tst
            serialNo=4573
    o=B
        ou=X
            cn=BMIT
                serialNo=1234
                serialNo=4563
    o=C
        ou=Y
            cn=Trial
                serialNo=5654

subtree o=A and o=C can be expanded to show all its serialNo entries with
its properties

however, for sub-tree B only ldap users under that tree can access it.
For each of the serialNo under o=B, I've set ldappasswd with the following
command in the current LINUX box:-
example: ldappasswd -x -S -D <dnentry> -w <password> -s <passwordtree>
serialnumber=1234, cn=BMIT, ou=X, o=B, c=MY

The userpassword that was encrypted would there be any problems should i use
it on a new LINUX machine with a new version of RedHat Linux and Openldap
running ? Logically is shouldn't but if you have any word of caution would
appreciate it.

.sakthi
----- Original Message -----
From: "Jens Vagelpohl" <jens@dataflake.org>
To: "openLDAP-software list" <openldap-software@OpenLDAP.org>
Sent: Wednesday, February 02, 2005 6:09 PM
Subject: Re: Migration ..... subtree wth passwd

Please do not CC me directly. I read the list.

On Feb 2, 2005, at 10:59, Sivasakthi d/o Sivagnanam wrote:
> 1. Master LINUX : slapcat > Mcomp.ldif
> 2. Slave LINUX: slapcat > Scomp.ldif
> 3. New Master LINUX: slapadd -l Mcomp.ldif
> 4. New Slave LINUX: slapadd -l Scomp.ldif

slapcat the old master and slapadd the same LDIF on both new master and
new slave.

> Next question in relation to migration as well, say I have 3 sub-tree
> ......... but one sub-tree can only be accessed by user entries under
> this
> sub-tree with password. In the old machine, i used ldappasswd to set
> the
> entries under that sub-tree. So do i do the same once the slapadd
> action is
> complete ?

No idea what you are talking about.

jens

Follow-Ups:
- Re: Migration ..... subtree wth passwd
  - From: Jens Vagelpohl <jens@dataflake.org>

References:
- Migration ..... subtree wth passwd
  - From: "Sivasakthi d/o Sivagnanam" <sakthi@digicert.com.my>
- Re: Migration ..... subtree wth passwd
  - From: Jens Vagelpohl <jens@dataflake.org>

Prev by Date: Re: Migration ..... subtree wth passwd
Next by Date: Re: Migration ..... subtree wth passwd
Index(es):
- Chronological
- Thread