Hi,
We're planning the migration from openldap to 389DS, we did some tests, and we have some problems with users passwords migration.
We found this article in 389DS's website http://directory.fedoraproject.org/docs/389ds/design/password-migration-desi...
Is this implemented or not yet or completely abandoned?
the Pass through plugin worked, but we didn't find the "password migration mode option" to catch the passwords.
Regards.
On Thu, 2016-03-03 at 01:33 +0100, wodel youchi wrote:
Hi,
We're planning the migration from openldap to 389DS, we did some tests, and we have some problems with users passwords migration.
We found this article in 389DS's website http://directory.fedoraproject.org/docs/389ds/design/password-migration-desi.... html
Is this implemented or not yet or completely abandoned?
the Pass through plugin worked, but we didn't find the "password migration mode option" to catch the passwords.
If your users passwords are stored in a hash format that 389 can understand, you should be able to take an ldif of the openldap directory and apply it directly to 389-ds
If you plan to run both in sync for some time, that may not be possible.
I had a look at the pass through auth code, and it doesn't look like the code to write back hashes is in there (unless I missed something)
I've created a ticket to develop this feature, but I can not guarantee a time span on when it will be complete I am sorry.
https://fedorahosted.org/389/ticket/48753
389-users@lists.fedoraproject.org