[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to migrate MS - Active Directory to Linux OpenLDAP

Remind me again what this has to do with OpenLDAP? I've never been able to mention Active Directory in a post before no matter what the context was and yet this thread can continue (let alone even get started) ?

Atom Powers wrote:
Gustavo Rios wrote:
Do you plan to open source it? I mean your scripts!

Can't, but it wouldn't do anybody any good anyway.

I was converting data from one openldap system to another one with a different schema. The script is very site-specific, with most of the code doing things like "if the data is for this kind of user, move them into this ou", and "if the host has an IP that looks like this, put it in this group".

The only thing I see that could be even remotely useful are the RegEx that I used to convert the host data from a custom schema to the domainRelatedObject+dNSDomain+ieee802Device schema.

On a different, somewhat related note, I have some scripts I use to pull DNS (named) and DHCP (isc-dhcpd) configurations data out of LDAP that would probably be a lot more useful, but this isn't the place to post them.

On 10/4/06, Atom Powers <apowers@digipen.edu> wrote:
Raghu Ni wrote:
> Hi,
> We are trying into migrate from Active Directory to Open LDAP. But, we
> getting problems with Schema Attributes. Can any one help us in this ?

I haven't worked with AD in a number of years, but I did do a
large-scale migration to OpenLDAP this summer.

You have esentially two choices.
1. Write a schema that supports the AD attributes in OpenLDAP.
2. Write a script that converts the AD attributes to those used in the
standard OpenLDAP schemas. This is the route I took and my script ended
up being many hundreds of lines (in perl) and requires extensive
testing, as even the smallest mistake can prevent the data from getting

Perfection is just a word I use occasionally with mustard.
--Atom Powers--
Systems Administrator
DigiPen Institute of Technology
(425) 895-4443