Re: Migrating from Netscape Ldap to Openldap

[Adam Tauno Williams <adam@morrison-ind.com>]

> Thanks for your reply. I've dumped the database out to an ldf file and
> examined it. The problem I appear to be running into is that instead of
> using attributes like "username" or "userpassword", all of the
> information is being dumped as "newoakuser" or "newoakuserpassword". 
> I've tried going into the ldf file to replace all of the "newoak*" with
> the Openldap equivalent, but when I do, I lose all the ability to
> communicate with the Vpn device. In contrast, trying to import the
> "newoak*" information into Openldap results in "Unknown attribute
> newoak*" and a failed import. Do you know if it's possible to map
> between the two formats or if a schema exists that correlates with
> "newoak*?" 

How many attributes/objectclasses are we talking about?  If it is only a
few you may be able to reverse engineer it;  or enquire of the Netscape
DSA what the schema for these attributes are in cn=subchema, then just
recreate them in an OpenLDAP compliant style.

Otherwise, if they are really equivalent to the OpenLDAP schema
(newoakuser = uid) you may just be able to use back-ldap/proxy to
rewrite data from the 'standard' OpenLDAP form to the funky attribute
names used by your device;  we've done this successfully with a couple
of odd software packages.  The password attribute could be an
interesting one however,  is it encoded in a {crypt-type}crypt format?

> I've searched the internet looking for "newoak" schemas or instructions
> on setting up attributes mappings but have not been able to find
> anything which would allow me to merge the two. 

How about contacting the tech support people of the devices OEM?  Surely
they have to know the schema they are using.