[Fedora-directory-users] Help needed migrating from Sun ONE to Fedora DS 1.1

Chris Waltham cwaltham at bowdoin.edu
Thu Feb 7 21:46:01 UTC 2008 

On Feb 7, 2008, at 4:33 PM, Rich Megginson wrote:

> Chris Waltham wrote:
>> * why can't I import the Sun schema if that's what I want to do?
> You should be able to do that.  It's really odd that Sun defined  
> schema is in 99user.ldif - that file is reserved solely for user  
> defined schema added via LDAP.  You'll have to post the errors here  
> so we can address the issues.

I did one better: I simply copied the entire config/schema/ directory  
from the Sun box to the Fedora box, and tried to restart Fedora DS. I  
got some non-fatal errors:

[root at hebron slapd-hebron]# /etc/init.d/dirsrv start
Starting dirsrv:
     hebron...[07/Feb/2008:16:41:00 -0500] - Entry "cn=SNMP,cn=config"  
-- attribute "nssnmpname" not allowed
[07/Feb/2008:16:41:00 -0500] - Entry "cn=PAM Pass Through  
Auth,cn=plugins,cn=config" has unknown object class "pamConfig"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=Kerberos uid  
mapping,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=rfc 2829 dn  
syntax,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=rfc 2829 u  
syntax,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=uid  
mapping,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:00 -0500] - Entry "cn=SNMP,cn=config" -- attribute  
"nssnmpname" not allowed
                                                            [  OK  ]

That gave me some hope, so then I tried to import my database from an  
LDAP. FWIW, this is how I generated the LDIF on the Sun box:

db2ldif 'o=Bowdoin College, c=US'

Then I just tried this in Fedora:

/usr/lib/dirsrv/slapd-hebron/ldif2db -s 'o=Bowdoin College, c=US' -i / 
path/to/dumpfile.ldif

And I got the following errors:

importing data ...
[07/Feb/2008:16:41:08 -0500] - Entry "cn=SNMP,cn=config" -- attribute  
"nssnmpname" not allowed
[07/Feb/2008:16:41:08 -0500] - Entry "cn=PAM Pass Through  
Auth,cn=plugins,cn=config" has unknown object class "pamConfig"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=Kerberos uid  
mapping,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=rfc 2829 dn  
syntax,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=rfc 2829 u  
syntax,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=uid  
mapping,cn=mapping,cn=sasl,cn=config" has unknown object class  
"nsSaslMapping"
[07/Feb/2008:16:41:08 -0500] - Entry "cn=SNMP,cn=config" -- attribute  
"nssnmpname" not allowed
[07/Feb/2008:16:41:08 -0500] - ERROR 2: There is no backend instance  
to import to.

To be honest, I am a little confused at the relationship between  
instances and backends. From what I can see, Sun includes the  
following instances: userRoot, internetdb, pab and netscapeRoot (and  
possibly others?). But, I only have one suffix that I need, which is  
o=Bowdoin College, c=US.


Chris

>
>> * if I can't import the Sun schema, is there an easy way of  
>> stripping out the Sun attributes from a 10,000-user LDIF file?
> If you are a Perl hacker, you could use Mozilla perldap (included  
> with the fedora ds software) or Net::LDAP (probably bundled with  
> your linux OS perl distribution).  If you prefer python, python-ldap  
> also has an LDIF parser.
>>
>> Thanks,
>>
>>
>> Chris

More information about the 389-users mailing list