[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: new ldap installation -LDAP newbie question
if you've built openldap with --enable-crypt you may be able to load
the passwords with the {CRYPT} password type. I've only had limited
luck with this.
when our campus rolled out LDAP we forced our 2000 employees and
10,000 students to all change their passwords, also enforcing new
password strength restrictions.
-Rex
On Mar 11, 2009, at 5:36 PM, Swenson, Chris wrote:
This is a bit difficult to articulate.
Is there a way to move only the passwords from a passwd file into
ldap?
I have built out an ldap server and a client box and can successful
authenticate from one to the other.
I am using this to replace an old RHEL that has depended on the
passwd file with nearly 10,000 users.
To add the users to the new server I have parsed and imported a good
deal of the data in the passwd file into on Oracle Db that has all
the HR stuff
and then scripted an output ldif to add the users into the new ldap
server. Good so far, this works.
My concern is thus. Ldap is on a new box. There is a lot of junk
in the old box I want to leave behind, hence the rewrite via oracle.
I want to extract only the passwords from the passwd file and write
them to the new ldap server.
If I run migrate_passwd.pl and pull the passwords out, they are
hashed in some way and I cannot write them to the ldap nor script
setting the password from the old one.
Even if I run the passwd file through pwunconv they seem to be
unusable.
I dread the thought of having to communicate with 9000 students and
nearly 1000 faculty and staff with new passwords.
Regards
Chris S.