[389-users] Re: Passwords migration from openldap to 389DS
On Thu, 2016-03-03 at 01:33 +0100, wodel youchi wrote:
Hi,
We're planning the migration from openldap to 389DS,
we did some tests, and we have some problems with users passwords migration.
We found this article in 389DS's website
http://directory.fedoraproject.org/docs/389ds/design/password-migration-d....
html
Is this implemented or not yet or completely abandoned?
the Pass through plugin worked, but we didn't find the "password migration
mode option" to catch the passwords.
If your users passwords are stored in a hash format that 389 can understand, you
should be able to take an ldif of the openldap directory and apply it directly to
389-ds
If you plan to run both in sync for some time, that may not be possible.
I had a look at the pass through auth code, and it doesn't look like the code to
write back hashes is in there (unless I missed something)
I've created a ticket to develop this feature, but I can not guarantee a time
span on when it will be complete I am sorry.
https://fedorahosted.org/389/ticket/48753
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane
Attachments:
- signature.asc (application/pgp-signature — 819 bytes)