[Fedora-directory-users] Re: OpenLDAP->FDS Migration
Diaa Radwan
diaa.radwan at gmail.com
Tue Feb 24 12:11:12 UTC 2009
On Tue, Feb 24, 2009 at 12:38 PM, Thorsten Scherf <tscherf at redhat.com> wrote:
> On [Mon, 23.02.2009 13:42], Diaa Radwan wrote:
>>
>> On Thu, Feb 19, 2009 at 11:16 PM, Thorsten Scherf <tscherf at redhat.com>
>> wrote:
>>>
>>> Wondering if somebody recently did a migration from OpenLDAP to FDS and
>>> is willing to share experiences.
>>>
>>
>> I have migrated from openldap to fds, I have passed all the following
>> steps :
>>
>> - Fix the my ldif data since there was hundreds of records have no
>> missing object class, as there was no enforcing schema checking set on ol
>> - Migrate our custom schema.
>> - Migrate the acls to aci (this was tough)
>
> yeah, thats the intersting part here. Have you done the migration
> of ACIs manually?
Yeah, AFAIK the only way to migrate ol acl to aci is doing them
manually, it is easy once you have figured out who have access on
which part. as more of the time when you have many access rules, it
became harder to migrate the file. I had 60 access rule on acl file
translated to 19 aci. I could have them less than 19 but I decided to
add aci on deeper leafs.
Check this link on redhat doc. it will help you to migrate whatever
service you are running now to aci,
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Access_Control-Access_Control_Usage_Examples.html
Once you have done the migration, life would go easier and easier for you.
--
Diaa Radwan
http://www.fossology.net
More information about the 389-users
mailing list